Commit Graph

22 Commits

Author SHA1 Message Date
Tom Lane
bc042e0a77 Support ident authentication on local (Unix) socket connections, if the
system supports SO_PEERCRED requests for Unix sockets.  This is an
amalgamation of patches submitted by Helge Bahmann and Oliver Elphick,
with some editorializing by yours truly.
2001-08-01 23:25:39 +00:00
Tom Lane
77896d1fc9 Cleanup code for preparsing pg_hba.conf and pg_ident.conf. Store line
number in the data structure so that we can give at least a minimally
useful idea of where the mistake is when we issue syntax error messages.
Move the ClientAuthentication() call to where it should have been in
the first place, so that postmaster memory releasing can happen in a
reasonable place also.  Update obsolete comments, correct one real bug
(auth_argument was not picked up correctly).
2001-07-31 22:55:45 +00:00
Bruce Momjian
462b7d46d1 Load pg_hba.conf and pg_ident.conf on startup and SIGHUP into List of
Lists, and use that for user validation.

Bruce Momjian
2001-07-30 14:50:24 +00:00
Bruce Momjian
9e1552607a pgindent run. Make it all clean. 2001-03-22 04:01:46 +00:00
Bruce Momjian
df43800fc8 Clean up #include's. 2000-06-15 03:33:12 +00:00
Bruce Momjian
52f77df613 Ye-old pgindent run. Same 4-space tabs. 2000-04-12 17:17:23 +00:00
Tom Lane
ecd0bfa81a Look Ma, no MAX_PARSE_BUFFER! (At least not in the backend.
pg_dump and interfaces/odbc still need some work.)
1999-10-23 03:13:33 +00:00
Bruce Momjian
e0e7daef6d Lots of patches coming in from me today :-)
When drawing up a very simple "text-drawing" of how the negotiation is done,
I realised I had done this last part (fallback) in a very stupid way. Patch
#4 fixes this, and does it in a much better way.

Included is also the simple text-drawing of how the negotiation is done.

//Magnus
1999-09-27 03:13:16 +00:00
Bruce Momjian
0cf1b79528 Cleanup of /include #include's, for 6.6 only. 1999-07-14 01:20:30 +00:00
Bruce Momjian
d6e33c8b07 Rename MAP_FILE to USERMAP_FILE for Digital Unix. 1999-05-10 15:17:17 +00:00
Bruce Momjian
6724a50787 Change my-function-name-- to my_function_name, and optimizer renames. 1999-02-13 23:22:53 +00:00
Bruce Momjian
fa1a8d6a97 OK, folks, here is the pgindent output. 1998-09-01 04:40:42 +00:00
Bruce Momjian
af74855a60 Renaming cleanup, no pgindent yet. 1998-09-01 03:29:17 +00:00
Bruce Momjian
3f372ee6b3 > I needed to do that for the web database that I'm setting up. We
have > 20000 users and each (potentially) needs a separate database
which is > only accessible to them. Rather than having 20000 lines
in pg_hba.conf, > I've patched Postgres so that the special token
"sameuser" in the > database field of pg_hba.conf allows access
only to the username which > is connecting.
1998-06-13 04:27:18 +00:00
Bruce Momjian
a32450a585 pgindent run before 6.3 release, with Thomas' requested changes. 1998-02-26 04:46:47 +00:00
Marc G. Fournier
d5bbe2aca5 From: Phil Thompson <phil@river-bank.demon.co.uk>
I've completed the patch to fix the protocol and authentication issues I
was discussing a couple of weeks ago.  The particular changes are:

- the protocol has a version number
- network byte order is used throughout
- the pg_hba.conf file is used to specify what method is used to
  authenticate a frontend (either password, ident, trust, reject, krb4
  or krb5)
- support for multiplexed backends is removed
- appropriate changes to man pages
- the -a switch to many programs to specify an authentication service
  no longer has any effect
- the libpq.so version number has changed to 1.1

The new backend still supports the old protocol so old interfaces won't
break.
1998-01-26 01:42:53 +00:00
Bruce Momjian
7229513943 Fix prototypes so they don't look like function definitions. 1998-01-24 22:50:57 +00:00
Bruce Momjian
59f6a57e59 Used modified version of indent that understands over 100 typedefs. 1997-09-08 21:56:23 +00:00
Bruce Momjian
1ccd423235 Massive commit to run PGINDENT on all *.c and *.h files. 1997-09-07 05:04:48 +00:00
Marc G. Fournier
3a7c93e7f3 From: Dan McGuirk <mcguirk@indirect.com>
Subject: [HACKERS] password authentication

This patch adds support for plaintext password authentication.  To use
it, you add a line like

host         all         0.0.0.0       0.0.0.0           password  pg_pwd.conf


to your pg_hba.conf, where 'pg_pwd.conf' is the name of a file containing
the usernames and password hashes in the format of the first two fields
of a Unix /etc/passwd file.  (Of course, you can use a specific database
name or IP instead.)

Then, to connect with a password through libpq, you use the PQconnectdb()
function, specifying the "password=" tag in the connect string and also
adding the tag "authtype=password".

I also added a command-line switch '-u' to psql that tells it to prompt
for a username and password and use password authentication.
1997-03-12 21:23:16 +00:00
Marc G. Fournier
1d0dd471fa Okay...this pretty much cleans out the include files.
I'm able to get through a 'make' of the backend with no errors except
the occasional 'might not be initialized error', which is nothing major,
just annoying.

Have a few patches from D'Arcy to incorporate, but am waiting until I can
get a clean compile first, which I'm hoping to have before bed, or sometime
tomorrow.
1996-11-06 10:31:02 +00:00
Bryan Henderson
6d70d550e6 Prepare for new host-based authentication 1996-10-11 09:12:18 +00:00