# zschema sub-schema for zgrab2's postgres module
# Registers zgrab2-postgres globally, and postgres with the main zgrab2 schema.
from zschema.leaves import *
from zschema.compounds import *
import zschema.registry

import zcrypto_schemas.zcrypto as zcrypto
import zgrab2

# modules/postgres/scanner.go - decodeError() (TODO: Currently an unconstrained
# map[string]string; it is possible to get "unknown (0x%x)" fields, but it
# would probably be proper to reject those at this point)

# These are defined in detail at
#   https://www.postgresql.org/docs/10/static/protocol-error-fields.html
postgres_error = SubRecord({
    "severity": String(required=True),
    "severity_v": String(),
    "code": String(required=True),
    "message": String(),
    "detail": String(),
    "hint": String(),
    "position": String(),
    "internal_position": String(),
    "internal_query": String(),
    "where": String(),
    "schema": String(),
    "table": String(),
    "data": String(),
    "file": String(),
    "line": String(),
    "routine": String(),
})

# modules/postgres/scanner.go - decodeAuthMode()
AUTH_MODES = [
    "kerberos_v5", "password_cleartext", "password_md5", "scm_credentials",
    "gss", "sspi", "sasl", "ok", "gss-continue", "sasl-continue", "sasl-final"
]

# modules/postgres/scanner.go: AuthenticationMode
postgres_auth_mode = SubRecord({
    "mode": Enum(values=AUTH_MODES, required=True),
    "Payload": Binary(),
})

# modules/postgres/scanner.go: BackendKeyData
postgres_key_data = SubRecord({
    "process_id": Unsigned32BitInteger(),
    "secret_key": Unsigned32BitInteger(),
})

# modules/postgres/scanner.go: PostgresResults
postgres_scan_response = SubRecord({
    "result": SubRecord({
        "tls": zgrab2.tls_log,
        "supported_versions": String(),
        "protocol_error": postgres_error,
        "startup_error": postgres_error,
        "is_ssl": Boolean(required=True),
        "authentication_mode": postgres_auth_mode,
        # TODO FIXME: This is currendly an unconstrained map[string]string
        "server_parameters": String(),
        "backend_key_data": postgres_key_data,
        "transaction_status": String(),
    })
}, extends=zgrab2.base_scan_response)

zschema.registry.register_schema("zgrab2-postgres", postgres_scan_response)

zgrab2.register_scan_response_type("postgres", postgres_scan_response)