1 /* -*-pgsql-c-*- */
2 /*
3  *
4  * $Header$
5  *
6  * pgpool: a language independent connection pool server for PostgreSQL
7  * written by Tatsuo Ishii
8  *
9  * Copyright (c) 2003-2018	PgPool Global Development Group
10  *
11  * Permission to use, copy, modify, and distribute this software and
12  * its documentation for any purpose and without fee is hereby
13  * granted, provided that the above copyright notice appear in all
14  * copies and that both that copyright notice and this permission
15  * notice appear in supporting documentation, and that the name of the
16  * author not be used in advertising or publicity pertaining to
17  * distribution of the software without specific, written prior
18  * permission. The author makes no representations about the
19  * suitability of this software for any purpose.  It is provided "as
20  * is" without express or implied warranty.
21  *
22  * pool_hba.h: pool_hba related definitions.
23  *
24  */
25 
26 #ifndef POOL_HBA_H
27 #define POOL_HBA_H
28 
29 #include "parser/pg_list.h"
30 #include "pool.h"
31 
32 #ifdef USE_LDAP
33 #include  <ldap.h>
34 #endif
35 
36 /* UserAuth type used for HBA which indicates the authentication method */
typedef enum UserAuth
{
	/*
	 * Enumerator order fixes the numeric values. uaImplicitReject comes first
	 * and is therefore 0, so an HbaLine that was only zero-filled carries a
	 * rejecting method rather than uaTrust. Keep it first; append new methods
	 * at the end.
	 *
	 * NOTE(review): the names look like the pg_hba.conf-style method keywords;
	 * what each one actually does is decided in the HBA code, not in this
	 * header -- confirm there.
	 */
	uaImplicitReject,			/* presumably "no line matched" -- confirm */
	uaReject,					/* presumably an explicit reject rule */
	/* uaKrb4, */
	/* uaKrb5, */
	uaTrust,					/* name implies no credential check; rules
								 * using it deserve the narrowest scope */
	/* uaIdent, */
	uaPassword,					/* presumably cleartext password exchange;
								 * if so, only safe over TLS -- confirm */
	/* uaCrypt, */
	uaCert,
	uaMD5,
	uaSCRAM
	/* The two members below exist only in builds with the matching macro. */
#ifdef USE_PAM
	,uaPAM
#endif							/* USE_PAM */
#ifdef USE_LDAP
	,uaLDAP
#endif							/* USE_LDAP */
}
UserAuth;
58 
/*
 * Connection type recorded for an HBA line (HbaLine.conntype).
 *
 * NOTE(review): the names suggest the local / host / hostssl / hostnossl
 * record types; the matching rules are not visible in this header -- confirm.
 * ctLocal is the first enumerator and therefore 0.
 */
typedef enum ConnType
{
	ctLocal,
	ctHost,
	ctHostSSL,					/* presumably matches only TLS connections */
	ctHostNoSSL					/* presumably matches only non-TLS connections */
} ConnType;
66 
/*
 * How the client address is compared for an HBA line
 * (HbaLine.ip_cmp_method).
 *
 * NOTE(review): presumably ipCmpMask compares against HbaLine.addr/mask and
 * the other three stand for "samehost", "samenet" and "all" -- confirm in the
 * HBA code. ipCmpMask is the first enumerator and therefore 0.
 */
typedef enum IPCompareMethod
{
	ipCmpMask,
	ipCmpSameHost,
	ipCmpSameNet,
	ipCmpAll					/* presumably matches any client address */
} IPCompareMethod;
74 
/*
 * One HBA rule: which connections it applies to (conntype, databases, users,
 * address or hostname) and how a matching client is authenticated
 * (auth_method plus the PAM/LDAP options).
 *
 * The PAM and LDAP option fields are declared unconditionally, i.e. they are
 * part of the struct even when USE_PAM / USE_LDAP are not defined.
 * Ownership and lifetime of the pointer members are not visible here.
 */
struct HbaLine
{
	int			linenumber;		/* presumably the line's number in the HBA
								 * file, for diagnostics */
	char	   *rawline;		/* presumably the unparsed line text.
								 * NOTE(review): if so it can include an
								 * ldapbindpasswd value, so keep it out of
								 * logs and client-visible errors */
	ConnType	conntype;
	List	   *databases;		/* element type not visible in this header */
	List	   *users;			/* element type not visible in this header */
	struct sockaddr_storage addr;
	struct sockaddr_storage mask;
	IPCompareMethod ip_cmp_method;
	char	   *hostname;
	UserAuth	auth_method;	/* 0 is uaImplicitReject (first enumerator) */
	char	   *pamservice;
	bool		pam_use_hostname;

	bool		ldaptls;		/* NOTE(review): presumably requests TLS on
								 * the LDAP connection; without it the bind
								 * credentials may cross the network in
								 * clear -- confirm */
	char	   *ldapscheme;
	char	   *ldapserver;
	int			ldapport;
	char	   *ldapbinddn;
	char	   *ldapbindpasswd; /* secret: bind password held as a plain C
								 * string; never log it */
	char	   *ldapsearchattribute;
	char	   *ldapsearchfilter;	/* NOTE(review): if the client-supplied
									 * user name is substituted into this
									 * filter it needs LDAP filter escaping
									 * -- confirm in the LDAP auth code */
	char	   *ldapbasedn;
	int			ldapscope;
	char	   *ldapprefix;		/* presumably prepended to the user name to
								 * build the bind DN -- confirm */
	char	   *ldapsuffix;		/* presumably appended to the user name to
								 * build the bind DN -- confirm */
	/* Additional LDAP option specific to pgpool */
	bool		backend_use_passwd; /* If true, pgpool uses the same password
									 * to authenticate to the backend.
									 * NOTE(review): implies the client's
									 * password is kept for reuse; confirm
									 * how long it is held */
};
105 
/*
 * Load the HBA file at hbapath. The bool result presumably reports whether
 * loading succeeded -- confirm in the implementation. NOTE(review): callers
 * should check it; which rules remain in effect after a failed (re)load is
 * not visible from this header.
 */
extern bool load_hba(char *hbapath);

/*
 * Authenticate the given frontend connection. Returns nothing, so a rejected
 * client must be handled inside the function (presumably by an error report)
 * -- confirm in the implementation.
 */
extern void ClientAuthentication(POOL_CONNECTION * frontend);
108 
109 #endif							/* POOL_HBA_H */
110