/*-------------------------------------------------------------------------
 *
 * hba.h
 *	  Interface to hba.c
 *
 *
 * src/include/libpq/hba.h
 *
 *-------------------------------------------------------------------------
 */
#ifndef HBA_H
#define HBA_H

#include "libpq/pqcomm.h"	/* pgrminclude ignore */	/* needed for NetBSD */
#include "nodes/pg_list.h"
#include "regex/regex.h"


/*
 * Authentication method attached to an HBA rule (see HbaLine.auth_method).
 *
 * The enumerators have no explicit values, so their numeric values follow
 * declaration order; inserting or reordering members changes those values
 * for every user of this header.
 *
 * NOTE(review): the behaviour of each method is implemented outside this
 * header.  Going by the names only, and to be confirmed in hba.c and the
 * authentication code:
 *	- uaReject and uaImplicitReject are two distinct "deny" outcomes,
 *	  presumably an explicit reject rule versus no matching rule at all.
 *	- uaTrust presumably admits the client without any credential check,
 *	  so a rule resolving to it deserves scrutiny whenever the rule's
 *	  ConnType is not ctLocal.
 *	- uaPassword and uaMD5 are password exchanges (presumably cleartext
 *	  and MD5-based); their exposure on the wire depends on whether the
 *	  rule is restricted to ctHostSSL.
 */
typedef enum UserAuth
{
	uaReject,
	uaImplicitReject,
	uaTrust,
	uaIdent,
	uaPassword,
	uaMD5,
	uaGSS,
	uaSSPI,
	uaPAM,
	uaBSD,
	uaLDAP,
	uaCert,
	uaRADIUS,
	uaPeer
} UserAuth;

/*
 * How the address part of an HBA rule is compared with the client address
 * (see HbaLine.ip_cmp_method).
 *
 * NOTE(review): by name, ipCmpMask uses HbaLine.addr/HbaLine.mask, while
 * ipCmpSameHost, ipCmpSameNet and ipCmpAll are keyword-style matches that
 * need no stored address -- confirm against the matching code in hba.c.
 */
typedef enum IPCompareMethod
{
	ipCmpMask,
	ipCmpSameHost,
	ipCmpSameNet,
	ipCmpAll
} IPCompareMethod;

/*
 * Kind of connection an HBA rule applies to (see HbaLine.conntype).
 *
 * NOTE(review): by name, ctLocal is a local (non-TCP) connection, ctHost
 * any host connection, and ctHostSSL / ctHostNoSSL host connections with
 * and without SSL respectively -- confirm in hba.c.
 */
typedef enum ConnType
{
	ctLocal,
	ctHost,
	ctHostSSL,
	ctHostNoSSL
} ConnType;

/*
 * One parsed HBA rule: what it matches (connection type, databases, roles,
 * client address or host name) and which authentication method, with which
 * method-specific options, applies to a match.
 *
 * Security note: ldapbindpasswd and radiussecret are, by name, credentials
 * held as ordinary C strings, and rawline presumably keeps the unparsed
 * text of the rule, which would then contain the same credentials.  Code
 * that logs, reports or copies an HbaLine should treat these three fields
 * as secret.  NOTE(review): confirm how rawline is filled in hba.c.
 */
typedef struct HbaLine
{
	int			linenumber;		/* presumably the rule's line number in the
								 * configuration file -- TODO confirm */
	char	   *rawline;		/* presumably the raw rule text; may embed
								 * secrets, see the note above */
	ConnType	conntype;		/* connection kind the rule applies to */
	List	   *databases;		/* database selectors; element type is not
								 * visible in this header */
	List	   *roles;			/* role selectors; element type is not
								 * visible in this header */
	struct sockaddr_storage addr;	/* client address to match */
	struct sockaddr_storage mask;	/* netmask paired with addr */
	IPCompareMethod ip_cmp_method;	/* how addr/mask or a keyword is applied */
	char	   *hostname;		/* host name form of the address match,
								 * presumably an alternative to addr/mask */
	UserAuth	auth_method;	/* authentication method for matching clients */

	/* Method-specific options; which method reads which is not shown here. */
	char	   *usermap;		/* name of the user map to apply, cf.
								 * check_usermap() and IdentLine.usermap */
	char	   *pamservice;
	bool		pam_use_hostname;
	bool		ldaptls;		/* by name, whether the LDAP connection uses
								 * TLS; the bind password below is otherwise
								 * presumably sent unprotected -- confirm */
	char	   *ldapserver;
	int			ldapport;
	char	   *ldapbinddn;
	char	   *ldapbindpasswd; /* secret: LDAP bind password */
	char	   *ldapsearchattribute;
	char	   *ldapbasedn;
	int			ldapscope;
	char	   *ldapprefix;
	char	   *ldapsuffix;
	bool		clientcert;		/* by name, whether a client certificate is
								 * demanded -- TODO confirm */
	char	   *krb_realm;
	bool		include_realm;
	bool		compat_realm;
	bool		upn_username;
	char	   *radiusserver;
	char	   *radiussecret;	/* secret: RADIUS shared secret */
	char	   *radiusidentifier;
	int			radiusport;
} HbaLine;

/*
 * One parsed user-map entry relating an externally authenticated user name
 * (ident_user) to a database role (pg_role) under a named map (usermap).
 *
 * NOTE(review): re is a regex_t stored by value; presumably it is compiled
 * from ident_user when that field is a pattern and must then be released
 * together with the entry -- confirm in hba.c.
 */
typedef struct IdentLine
{
	int			linenumber;		/* presumably the entry's line number in the
								 * map file -- TODO confirm */

	char	   *usermap;		/* map name this entry belongs to */
	char	   *ident_user;		/* external user name or pattern */
	char	   *pg_role;		/* database role the entry maps to */
	regex_t		re;				/* regular expression state for ident_user */
} IdentLine;

/* kluge to avoid including libpq/libpq-be.h here */
typedef struct Port hbaPort;

/*
 * Loaders for the HBA rules and the user-map entries.  Both return bool;
 * NOTE(review): presumably true means the file was loaded and accepted, and
 * callers should check the result rather than continue with stale or empty
 * rules -- confirm in hba.c.
 */
extern bool load_hba(void);
extern bool load_ident(void);

/*
 * Determine the authentication method for the connection described by port.
 * Returns nothing, so the outcome is presumably recorded in *port -- confirm.
 */
extern void hba_getauthmethod(hbaPort *port);

/*
 * Check whether auth_user may connect as pg_role under the map named
 * usermap_name; case_sensitive selects how names are compared.
 *
 * NOTE(review): the meaning of the int result is not visible in this header;
 * callers must compare it with the status code hba.c documents rather than
 * test it as a boolean.
 */
extern int check_usermap(const char *usermap_name,
			  const char *pg_role, const char *auth_user,
			  bool case_sensitive);

/* Character-class test on a single char; by name, "is c blank". */
extern bool pg_isblank(const char c);

#endif   /* HBA_H */