109 lines
1.9 KiB
C
109 lines
1.9 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* hba.h
|
|
* Interface to hba.c
|
|
*
|
|
*
|
|
* src/include/libpq/hba.h
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
#ifndef HBA_H
|
|
#define HBA_H
|
|
|
|
#include "libpq/pqcomm.h" /* pgrminclude ignore */ /* needed for NetBSD */
|
|
#include "nodes/pg_list.h"
|
|
#include "regex/regex.h"
|
|
|
|
|
|
typedef enum UserAuth
|
|
{
|
|
uaReject,
|
|
uaImplicitReject,
|
|
uaKrb5,
|
|
uaTrust,
|
|
uaIdent,
|
|
uaPassword,
|
|
uaMD5,
|
|
uaGSS,
|
|
uaSSPI,
|
|
uaPAM,
|
|
uaLDAP,
|
|
uaCert,
|
|
uaRADIUS,
|
|
uaPeer
|
|
} UserAuth;
|
|
|
|
typedef enum IPCompareMethod
|
|
{
|
|
ipCmpMask,
|
|
ipCmpSameHost,
|
|
ipCmpSameNet,
|
|
ipCmpAll
|
|
} IPCompareMethod;
|
|
|
|
typedef enum ConnType
|
|
{
|
|
ctLocal,
|
|
ctHost,
|
|
ctHostSSL,
|
|
ctHostNoSSL
|
|
} ConnType;
|
|
|
|
typedef struct HbaLine
|
|
{
|
|
int linenumber;
|
|
ConnType conntype;
|
|
List *databases;
|
|
List *roles;
|
|
struct sockaddr_storage addr;
|
|
struct sockaddr_storage mask;
|
|
IPCompareMethod ip_cmp_method;
|
|
char *hostname;
|
|
UserAuth auth_method;
|
|
|
|
char *usermap;
|
|
char *pamservice;
|
|
bool ldaptls;
|
|
char *ldapserver;
|
|
int ldapport;
|
|
char *ldapbinddn;
|
|
char *ldapbindpasswd;
|
|
char *ldapsearchattribute;
|
|
char *ldapbasedn;
|
|
int ldapscope;
|
|
char *ldapprefix;
|
|
char *ldapsuffix;
|
|
bool clientcert;
|
|
char *krb_server_hostname;
|
|
char *krb_realm;
|
|
bool include_realm;
|
|
char *radiusserver;
|
|
char *radiussecret;
|
|
char *radiusidentifier;
|
|
int radiusport;
|
|
} HbaLine;
|
|
|
|
typedef struct IdentLine
|
|
{
|
|
int linenumber;
|
|
|
|
char *usermap;
|
|
char *ident_user;
|
|
char *pg_role;
|
|
regex_t re;
|
|
} IdentLine;
|
|
|
|
/* kluge to avoid including libpq/libpq-be.h here */
|
|
typedef struct Port hbaPort;
|
|
|
|
extern bool load_hba(void);
|
|
extern bool load_ident(void);
|
|
extern void hba_getauthmethod(hbaPort *port);
|
|
extern int check_usermap(const char *usermap_name,
|
|
const char *pg_role, const char *auth_user,
|
|
bool case_sensitive);
|
|
extern bool pg_isblank(const char c);
|
|
|
|
#endif /* HBA_H */
|