PostgreSQL Source Code  git master
fe-auth.h File Reference
#include "libpq-fe.h"
#include "libpq-int.h"
Include dependency graph for fe-auth.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

int pg_fe_sendauth (AuthRequest areq, int payloadlen, PGconn *conn)
 
char * pg_fe_getauthname (PQExpBuffer errorMessage)
 
void * pg_fe_scram_init (PGconn *conn, const char *password, const char *sasl_mechanism)
 
bool pg_fe_scram_channel_bound (void *opaq)
 
void pg_fe_scram_free (void *opaq)
 
void pg_fe_scram_exchange (void *opaq, char *input, int inputlen, char **output, int *outputlen, bool *done, bool *success)
 
char * pg_fe_scram_build_secret (const char *password)
 

Function Documentation

◆ pg_fe_getauthname()

char* pg_fe_getauthname ( PQExpBuffer  errorMessage)

Definition at line 1076 of file fe-auth.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), libpq_gettext, name, pglock_thread, pgunlock_thread, pqGetpwuid(), strerror_r, and username.

Referenced by connectOptions2(), and conninfo_add_defaults().

1077 {
1078  char *result = NULL;
1079  const char *name = NULL;
1080 
1081 #ifdef WIN32
1082  /* Microsoft recommends buffer size of UNLEN+1, where UNLEN = 256 */
1083  char username[256 + 1];
1084  DWORD namesize = sizeof(username);
1085 #else
1086  uid_t user_id = geteuid();
1087  char pwdbuf[BUFSIZ];
1088  struct passwd pwdstr;
1089  struct passwd *pw = NULL;
1090  int pwerr;
1091 #endif
1092 
1093  /*
1094  * Some users are using configure --enable-thread-safety-force, so we
1095  * might as well do the locking within our library to protect
1096  * pqGetpwuid(). In fact, application developers can use getpwuid() in
1097  * their application if they use the locking call we provide, or install
1098  * their own locking function using PQregisterThreadLock().
1099  */
1100  pglock_thread();
1101 
1102 #ifdef WIN32
1103  if (GetUserName(username, &namesize))
1104  name = username;
1105  else if (errorMessage)
1106  appendPQExpBuffer(errorMessage,
1107  libpq_gettext("user name lookup failure: error code %lu\n"),
1108  GetLastError());
1109 #else
1110  pwerr = pqGetpwuid(user_id, &pwdstr, pwdbuf, sizeof(pwdbuf), &pw);
1111  if (pw != NULL)
1112  name = pw->pw_name;
1113  else if (errorMessage)
1114  {
1115  if (pwerr != 0)
1116  appendPQExpBuffer(errorMessage,
1117  libpq_gettext("could not look up local user ID %d: %s\n"),
1118  (int) user_id,
1119  strerror_r(pwerr, pwdbuf, sizeof(pwdbuf)));
1120  else
1121  appendPQExpBuffer(errorMessage,
1122  libpq_gettext("local user with ID %d does not exist\n"),
1123  (int) user_id);
1124  }
1125 #endif
1126 
1127  if (name)
1128  {
1129  result = strdup(name);
1130  if (result == NULL && errorMessage)
1131  appendPQExpBufferStr(errorMessage,
1132  libpq_gettext("out of memory\n"));
1133  }
1134 
1135  pgunlock_thread();
1136 
1137  return result;
1138 }
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
#define pglock_thread()
Definition: libpq-int.h:639
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
const char * username
Definition: pgbench.c:280
#define strerror_r
Definition: port.h:233
int uid_t
Definition: win32_port.h:236
const char * name
Definition: encode.c:515
int pqGetpwuid(uid_t uid, struct passwd *resultbuf, char *buffer, size_t buflen, struct passwd **result)
Definition: thread.c:65
#define pgunlock_thread()
Definition: libpq-int.h:640
#define libpq_gettext(x)
Definition: libpq-int.h:846

◆ pg_fe_scram_build_secret()

char* pg_fe_scram_build_secret ( const char *  password)

Definition at line 872 of file fe-auth-scram.c.

References free, pg_saslprep(), pg_strong_random(), SASLPREP_OOM, SASLPREP_SUCCESS, scram_build_secret(), SCRAM_DEFAULT_ITERATIONS, and SCRAM_DEFAULT_SALT_LEN.

Referenced by PQencryptPasswordConn().

873 {
874  char *prep_password;
875  pg_saslprep_rc rc;
876  char saltbuf[SCRAM_DEFAULT_SALT_LEN];
877  char *result;
878 
879  /*
880  * Normalize the password with SASLprep. If that doesn't work, because
881  * the password isn't valid UTF-8 or contains prohibited characters, just
882  * proceed with the original password. (See comments at top of file.)
883  */
884  rc = pg_saslprep(password, &prep_password);
885  if (rc == SASLPREP_OOM)
886  return NULL;
887  if (rc == SASLPREP_SUCCESS)
888  password = (const char *) prep_password;
889 
890  /* Generate a random salt */
892  {
893  if (prep_password)
894  free(prep_password);
895  return NULL;
896  }
897 
898  result = scram_build_secret(saltbuf, SCRAM_DEFAULT_SALT_LEN,
900 
901  if (prep_password)
902  free(prep_password);
903 
904  return result;
905 }
char * scram_build_secret(const char *salt, int saltlen, int iterations, const char *password)
Definition: scram-common.c:169
pg_saslprep_rc pg_saslprep(const char *input, char **output)
Definition: saslprep.c:1044
pg_saslprep_rc
Definition: saslprep.h:20
static char * password
Definition: streamutil.c:53
#define SCRAM_DEFAULT_SALT_LEN
Definition: scram-common.h:41
#define free(a)
Definition: header.h:65
bool pg_strong_random(void *buf, size_t len)
#define SCRAM_DEFAULT_ITERATIONS
Definition: scram-common.h:47

◆ pg_fe_scram_channel_bound()

bool pg_fe_scram_channel_bound ( void *  opaq)

Definition at line 132 of file fe-auth-scram.c.

References FE_SCRAM_FINISHED, fe_scram_state::sasl_mechanism, SCRAM_SHA_256_PLUS_NAME, and fe_scram_state::state.

Referenced by check_expected_areq().

133 {
134  fe_scram_state *state = (fe_scram_state *) opaq;
135 
136  /* no SCRAM exchange done */
137  if (state == NULL)
138  return false;
139 
140  /* SCRAM exchange not completed */
141  if (state->state != FE_SCRAM_FINISHED)
142  return false;
143 
144  /* channel binding mechanism not used */
145  if (strcmp(state->sasl_mechanism, SCRAM_SHA_256_PLUS_NAME) != 0)
146  return false;
147 
148  /* all clear! */
149  return true;
150 }
#define SCRAM_SHA_256_PLUS_NAME
Definition: scram-common.h:21
Definition: regguts.h:317
char * sasl_mechanism
Definition: fe-auth-scram.c:43
fe_scram_state_enum state
Definition: fe-auth-scram.c:38

◆ pg_fe_scram_exchange()

void pg_fe_scram_exchange ( void *  opaq,
char *  input,
int  inputlen,
char **  output,
int *  outputlen,
bool done,
bool success 
)

Definition at line 192 of file fe-auth-scram.c.

References appendPQExpBufferStr(), build_client_final_message(), build_client_first_message(), fe_scram_state::conn, conn, error(), pg_conn::errorMessage, FE_SCRAM_FINISHED, FE_SCRAM_INIT, FE_SCRAM_NONCE_SENT, FE_SCRAM_PROOF_SENT, libpq_gettext, read_server_final_message(), read_server_first_message(), fe_scram_state::state, and verify_server_signature().

Referenced by pg_SASL_continue(), and pg_SASL_init().

195 {
196  fe_scram_state *state = (fe_scram_state *) opaq;
197  PGconn *conn = state->conn;
198 
199  *done = false;
200  *success = false;
201  *output = NULL;
202  *outputlen = 0;
203 
204  /*
205  * Check that the input length agrees with the string length of the input.
206  * We can ignore inputlen after this.
207  */
208  if (state->state != FE_SCRAM_INIT)
209  {
210  if (inputlen == 0)
211  {
213  libpq_gettext("malformed SCRAM message (empty message)\n"));
214  goto error;
215  }
216  if (inputlen != strlen(input))
217  {
219  libpq_gettext("malformed SCRAM message (length mismatch)\n"));
220  goto error;
221  }
222  }
223 
224  switch (state->state)
225  {
226  case FE_SCRAM_INIT:
227  /* Begin the SCRAM handshake, by sending client nonce */
229  if (*output == NULL)
230  goto error;
231 
232  *outputlen = strlen(*output);
233  *done = false;
234  state->state = FE_SCRAM_NONCE_SENT;
235  break;
236 
237  case FE_SCRAM_NONCE_SENT:
238  /* Receive salt and server nonce, send response. */
239  if (!read_server_first_message(state, input))
240  goto error;
241 
243  if (*output == NULL)
244  goto error;
245 
246  *outputlen = strlen(*output);
247  *done = false;
248  state->state = FE_SCRAM_PROOF_SENT;
249  break;
250 
251  case FE_SCRAM_PROOF_SENT:
252  /* Receive server signature */
253  if (!read_server_final_message(state, input))
254  goto error;
255 
256  /*
257  * Verify server signature, to make sure we're talking to the
258  * genuine server.
259  */
260  if (!verify_server_signature(state, success))
261  {
263  libpq_gettext("could not verify server signature\n"));
264  goto error;
265  }
266 
267  if (!*success)
268  {
270  libpq_gettext("incorrect server signature\n"));
271  }
272  *done = true;
273  state->state = FE_SCRAM_FINISHED;
274  break;
275 
276  default:
277  /* shouldn't happen */
279  libpq_gettext("invalid SCRAM exchange state\n"));
280  goto error;
281  }
282  return;
283 
284 error:
285  *done = true;
286  *success = false;
287 }
static void error(void)
Definition: sql-dyntest.c:147
static void output(uint64 loop_count)
static bool verify_server_signature(fe_scram_state *state, bool *match)
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
static char * build_client_final_message(fe_scram_state *state)
PGconn * conn
Definition: streamutil.c:54
static bool read_server_final_message(fe_scram_state *state, char *input)
PQExpBufferData errorMessage
Definition: libpq-int.h:569
Definition: regguts.h:317
static bool read_server_first_message(fe_scram_state *state, char *input)
static char * build_client_first_message(fe_scram_state *state)
static bool success
Definition: initdb.c:165
#define libpq_gettext(x)
Definition: libpq-int.h:846
fe_scram_state_enum state
Definition: fe-auth-scram.c:38

◆ pg_fe_scram_free()

void pg_fe_scram_free ( void *  opaq)

Definition at line 156 of file fe-auth-scram.c.

References fe_scram_state::client_final_message_without_proof, fe_scram_state::client_first_message_bare, fe_scram_state::client_nonce, free, fe_scram_state::nonce, fe_scram_state::password, fe_scram_state::salt, fe_scram_state::sasl_mechanism, fe_scram_state::server_final_message, and fe_scram_state::server_first_message.

Referenced by pqDropConnection().

157 {
158  fe_scram_state *state = (fe_scram_state *) opaq;
159 
160  if (state->password)
161  free(state->password);
162  if (state->sasl_mechanism)
163  free(state->sasl_mechanism);
164 
165  /* client messages */
166  if (state->client_nonce)
167  free(state->client_nonce);
168  if (state->client_first_message_bare)
172 
173  /* first message from server */
174  if (state->server_first_message)
175  free(state->server_first_message);
176  if (state->salt)
177  free(state->salt);
178  if (state->nonce)
179  free(state->nonce);
180 
181  /* final message from server */
182  if (state->server_final_message)
183  free(state->server_final_message);
184 
185  free(state);
186 }
char * client_nonce
Definition: fe-auth-scram.c:47
char * server_first_message
Definition: fe-auth-scram.c:52
char * client_final_message_without_proof
Definition: fe-auth-scram.c:49
#define free(a)
Definition: header.h:65
Definition: regguts.h:317
char * client_first_message_bare
Definition: fe-auth-scram.c:48
char * sasl_mechanism
Definition: fe-auth-scram.c:43
char * server_final_message
Definition: fe-auth-scram.c:59

◆ pg_fe_scram_init()

void* pg_fe_scram_init ( PGconn conn,
const char *  password,
const char *  sasl_mechanism 
)

Definition at line 76 of file fe-auth-scram.c.

References Assert, fe_scram_state::conn, conn, FE_SCRAM_INIT, free, malloc, fe_scram_state::password, pg_saslprep(), fe_scram_state::sasl_mechanism, SASLPREP_OOM, SASLPREP_SUCCESS, and fe_scram_state::state.

Referenced by pg_SASL_init().

79 {
81  char *prep_password;
82  pg_saslprep_rc rc;
83 
84  Assert(sasl_mechanism != NULL);
85 
86  state = (fe_scram_state *) malloc(sizeof(fe_scram_state));
87  if (!state)
88  return NULL;
89  memset(state, 0, sizeof(fe_scram_state));
90  state->conn = conn;
91  state->state = FE_SCRAM_INIT;
92  state->sasl_mechanism = strdup(sasl_mechanism);
93 
94  if (!state->sasl_mechanism)
95  {
96  free(state);
97  return NULL;
98  }
99 
100  /* Normalize the password with SASLprep, if possible */
101  rc = pg_saslprep(password, &prep_password);
102  if (rc == SASLPREP_OOM)
103  {
104  free(state->sasl_mechanism);
105  free(state);
106  return NULL;
107  }
108  if (rc != SASLPREP_SUCCESS)
109  {
110  prep_password = strdup(password);
111  if (!prep_password)
112  {
113  free(state->sasl_mechanism);
114  free(state);
115  return NULL;
116  }
117  }
118  state->password = prep_password;
119 
120  return state;
121 }
pg_saslprep_rc pg_saslprep(const char *input, char **output)
Definition: saslprep.c:1044
#define malloc(a)
Definition: header.h:50
pg_saslprep_rc
Definition: saslprep.h:20
PGconn * conn
Definition: streamutil.c:54
static char * password
Definition: streamutil.c:53
#define free(a)
Definition: header.h:65
#define Assert(condition)
Definition: c.h:804
Definition: regguts.h:317
char * sasl_mechanism
Definition: fe-auth-scram.c:43
fe_scram_state_enum state
Definition: fe-auth-scram.c:38

◆ pg_fe_sendauth()

int pg_fe_sendauth ( AuthRequest  areq,
int  payloadlen,
PGconn conn 
)

Definition at line 863 of file fe-auth.c.

References appendPQExpBuffer(), appendPQExpBufferStr(), AUTH_REQ_CRYPT, AUTH_REQ_GSS, AUTH_REQ_GSS_CONT, AUTH_REQ_KRB4, AUTH_REQ_KRB5, AUTH_REQ_MD5, AUTH_REQ_OK, AUTH_REQ_PASSWORD, AUTH_REQ_SASL, AUTH_REQ_SASL_CONT, AUTH_REQ_SASL_FIN, AUTH_REQ_SCM_CREDS, AUTH_REQ_SSPI, check_expected_areq(), pg_conn::connhost, pg_conn::errorMessage, pg_conn::gsslib, PQExpBufferData::len, libpq_gettext, password, pg_conn_host::password, pg_conn::password_needed, pg_local_sendauth(), pg_password_sendauth(), pg_SASL_continue(), pg_SASL_init(), pg_strcasecmp(), pglock_thread, pg_conn::pgpass, pgunlock_thread, PQnoPasswordSupplied, pg_conn::sasl_state, STATUS_ERROR, STATUS_OK, and pg_conn::whichhost.

Referenced by PQconnectPoll().

864 {
865  int oldmsglen;
866 
867  if (!check_expected_areq(areq, conn))
868  return STATUS_ERROR;
869 
870  switch (areq)
871  {
872  case AUTH_REQ_OK:
873  break;
874 
875  case AUTH_REQ_KRB4:
877  libpq_gettext("Kerberos 4 authentication not supported\n"));
878  return STATUS_ERROR;
879 
880  case AUTH_REQ_KRB5:
882  libpq_gettext("Kerberos 5 authentication not supported\n"));
883  return STATUS_ERROR;
884 
885 #if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
886  case AUTH_REQ_GSS:
887 #if !defined(ENABLE_SSPI)
888  /* no native SSPI, so use GSSAPI library for it */
889  case AUTH_REQ_SSPI:
890 #endif
891  {
892  int r;
893 
894  pglock_thread();
895 
896  /*
897  * If we have both GSS and SSPI support compiled in, use SSPI
898  * support by default. This is overridable by a connection
899  * string parameter. Note that when using SSPI we still leave
900  * the negotiate parameter off, since we want SSPI to use the
901  * GSSAPI kerberos protocol. For actual SSPI negotiate
902  * protocol, we use AUTH_REQ_SSPI.
903  */
904 #if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
905  if (conn->gsslib && (pg_strcasecmp(conn->gsslib, "gssapi") == 0))
906  r = pg_GSS_startup(conn, payloadlen);
907  else
908  r = pg_SSPI_startup(conn, 0, payloadlen);
909 #elif defined(ENABLE_GSS) && !defined(ENABLE_SSPI)
910  r = pg_GSS_startup(conn, payloadlen);
911 #elif !defined(ENABLE_GSS) && defined(ENABLE_SSPI)
912  r = pg_SSPI_startup(conn, 0, payloadlen);
913 #endif
914  if (r != STATUS_OK)
915  {
916  /* Error message already filled in. */
917  pgunlock_thread();
918  return STATUS_ERROR;
919  }
920  pgunlock_thread();
921  }
922  break;
923 
924  case AUTH_REQ_GSS_CONT:
925  {
926  int r;
927 
928  pglock_thread();
929 #if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
930  if (conn->usesspi)
931  r = pg_SSPI_continue(conn, payloadlen);
932  else
933  r = pg_GSS_continue(conn, payloadlen);
934 #elif defined(ENABLE_GSS) && !defined(ENABLE_SSPI)
935  r = pg_GSS_continue(conn, payloadlen);
936 #elif !defined(ENABLE_GSS) && defined(ENABLE_SSPI)
937  r = pg_SSPI_continue(conn, payloadlen);
938 #endif
939  if (r != STATUS_OK)
940  {
941  /* Error message already filled in. */
942  pgunlock_thread();
943  return STATUS_ERROR;
944  }
945  pgunlock_thread();
946  }
947  break;
948 #else /* defined(ENABLE_GSS) || defined(ENABLE_SSPI) */
949  /* No GSSAPI *or* SSPI support */
950  case AUTH_REQ_GSS:
951  case AUTH_REQ_GSS_CONT:
953  libpq_gettext("GSSAPI authentication not supported\n"));
954  return STATUS_ERROR;
955 #endif /* defined(ENABLE_GSS) || defined(ENABLE_SSPI) */
956 
957 #ifdef ENABLE_SSPI
958  case AUTH_REQ_SSPI:
959 
960  /*
961  * SSPI has its own startup message so libpq can decide which
962  * method to use. Indicate to pg_SSPI_startup that we want SSPI
963  * negotiation instead of Kerberos.
964  */
965  pglock_thread();
966  if (pg_SSPI_startup(conn, 1, payloadlen) != STATUS_OK)
967  {
968  /* Error message already filled in. */
969  pgunlock_thread();
970  return STATUS_ERROR;
971  }
972  pgunlock_thread();
973  break;
974 #else
975 
976  /*
977  * No SSPI support. However, if we have GSSAPI but not SSPI
978  * support, AUTH_REQ_SSPI will have been handled in the codepath
979  * for AUTH_REQ_GSS above, so don't duplicate the case label in
980  * that case.
981  */
982 #if !defined(ENABLE_GSS)
983  case AUTH_REQ_SSPI:
985  libpq_gettext("SSPI authentication not supported\n"));
986  return STATUS_ERROR;
987 #endif /* !define(ENABLE_GSS) */
988 #endif /* ENABLE_SSPI */
989 
990 
991  case AUTH_REQ_CRYPT:
993  libpq_gettext("Crypt authentication not supported\n"));
994  return STATUS_ERROR;
995 
996  case AUTH_REQ_MD5:
997  case AUTH_REQ_PASSWORD:
998  {
999  char *password;
1000 
1001  conn->password_needed = true;
1002  password = conn->connhost[conn->whichhost].password;
1003  if (password == NULL)
1004  password = conn->pgpass;
1005  if (password == NULL || password[0] == '\0')
1006  {
1009  return STATUS_ERROR;
1010  }
1011  if (pg_password_sendauth(conn, password, areq) != STATUS_OK)
1012  {
1014  "fe_sendauth: error sending password authentication\n");
1015  return STATUS_ERROR;
1016  }
1017  break;
1018  }
1019 
1020  case AUTH_REQ_SASL:
1021 
1022  /*
1023  * The request contains the name (as assigned by IANA) of the
1024  * authentication mechanism.
1025  */
1026  if (pg_SASL_init(conn, payloadlen) != STATUS_OK)
1027  {
1028  /* pg_SASL_init already set the error message */
1029  return STATUS_ERROR;
1030  }
1031  break;
1032 
1033  case AUTH_REQ_SASL_CONT:
1034  case AUTH_REQ_SASL_FIN:
1035  if (conn->sasl_state == NULL)
1036  {
1038  "fe_sendauth: invalid authentication request from server: AUTH_REQ_SASL_CONT without AUTH_REQ_SASL\n");
1039  return STATUS_ERROR;
1040  }
1041  oldmsglen = conn->errorMessage.len;
1042  if (pg_SASL_continue(conn, payloadlen,
1043  (areq == AUTH_REQ_SASL_FIN)) != STATUS_OK)
1044  {
1045  /* Use this message if pg_SASL_continue didn't supply one */
1046  if (conn->errorMessage.len == oldmsglen)
1048  "fe_sendauth: error in SASL authentication\n");
1049  return STATUS_ERROR;
1050  }
1051  break;
1052 
1053  case AUTH_REQ_SCM_CREDS:
1054  if (pg_local_sendauth(conn) != STATUS_OK)
1055  return STATUS_ERROR;
1056  break;
1057 
1058  default:
1060  libpq_gettext("authentication method %u not supported\n"), areq);
1061  return STATUS_ERROR;
1062  }
1063 
1064  return STATUS_OK;
1065 }
#define AUTH_REQ_SSPI
Definition: pqcomm.h:160
static int pg_local_sendauth(PGconn *conn)
Definition: fe-auth.c:695
#define AUTH_REQ_SASL_FIN
Definition: pqcomm.h:163
bool password_needed
Definition: libpq-int.h:450
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition: pqexpbuffer.c:369
#define AUTH_REQ_OK
Definition: pqcomm.h:151
#define AUTH_REQ_GSS
Definition: pqcomm.h:158
static int pg_SASL_init(PGconn *conn, int payloadlen)
Definition: fe-auth.c:417
static int pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
Definition: fe-auth.c:747
#define STATUS_ERROR
Definition: c.h:1171
#define pglock_thread()
Definition: libpq-int.h:639
#define PQnoPasswordSupplied
Definition: libpq-fe.h:547
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
#define AUTH_REQ_MD5
Definition: pqcomm.h:156
static int pg_SASL_continue(PGconn *conn, int payloadlen, bool final)
Definition: fe-auth.c:625
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition: pqexpbuffer.c:267
pg_conn_host * connhost
Definition: libpq-int.h:426
void * sasl_state
Definition: libpq-int.h:503
static char * password
Definition: streamutil.c:53
#define AUTH_REQ_CRYPT
Definition: pqcomm.h:155
#define STATUS_OK
Definition: c.h:1170
#define AUTH_REQ_PASSWORD
Definition: pqcomm.h:154
char * gsslib
Definition: libpq-int.h:390
PQExpBufferData errorMessage
Definition: libpq-int.h:569
#define AUTH_REQ_KRB5
Definition: pqcomm.h:153
#define AUTH_REQ_SASL_CONT
Definition: pqcomm.h:162
#define AUTH_REQ_KRB4
Definition: pqcomm.h:152
char * pgpass
Definition: libpq-int.h:368
#define AUTH_REQ_SASL
Definition: pqcomm.h:161
#define AUTH_REQ_GSS_CONT
Definition: pqcomm.h:159
static bool check_expected_areq(AuthRequest areq, PGconn *conn)
Definition: fe-auth.c:813
#define pgunlock_thread()
Definition: libpq-int.h:640
int whichhost
Definition: libpq-int.h:425
#define libpq_gettext(x)
Definition: libpq-int.h:846
#define AUTH_REQ_SCM_CREDS
Definition: pqcomm.h:157
char * password
Definition: libpq-int.h:337