PostgreSQL Source Code git master
hbafuncs.c File Reference
#include "postgres.h"
#include "catalog/objectaddress.h"
#include "common/ip.h"
#include "funcapi.h"
#include "libpq/hba.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/guc.h"
Include dependency graph for hbafuncs.c:

Go to the source code of this file.

Macros

#define MAX_HBA_OPTIONS   15
 
#define NUM_PG_HBA_FILE_RULES_ATTS   11
 
#define NUM_PG_IDENT_FILE_MAPPINGS_ATTS   7
 

Functions

static ArrayTypeget_hba_options (HbaLine *hba)
 
static void fill_hba_line (Tuplestorestate *tuple_store, TupleDesc tupdesc, int rule_number, char *filename, int lineno, HbaLine *hba, const char *err_msg)
 
static void fill_hba_view (Tuplestorestate *tuple_store, TupleDesc tupdesc)
 
static void fill_ident_line (Tuplestorestate *tuple_store, TupleDesc tupdesc, int map_number, char *filename, int lineno, IdentLine *ident, const char *err_msg)
 
static void fill_ident_view (Tuplestorestate *tuple_store, TupleDesc tupdesc)
 
Datum pg_hba_file_rules (PG_FUNCTION_ARGS)
 
Datum pg_ident_file_mappings (PG_FUNCTION_ARGS)
 

Macro Definition Documentation

◆ MAX_HBA_OPTIONS

#define MAX_HBA_OPTIONS   15

Definition at line 45 of file hbafuncs.c.

◆ NUM_PG_HBA_FILE_RULES_ATTS

#define NUM_PG_HBA_FILE_RULES_ATTS   11

Definition at line 165 of file hbafuncs.c.

◆ NUM_PG_IDENT_FILE_MAPPINGS_ATTS

#define NUM_PG_IDENT_FILE_MAPPINGS_ATTS   7

Definition at line 450 of file hbafuncs.c.

Function Documentation

◆ fill_hba_line()

static void fill_hba_line ( Tuplestorestate tuple_store,
TupleDesc  tupdesc,
int  rule_number,
char *  filename,
int  lineno,
HbaLine hba,
const char *  err_msg 
)
static

Definition at line 183 of file hbafuncs.c.

186{
188 bool nulls[NUM_PG_HBA_FILE_RULES_ATTS];
189 char buffer[NI_MAXHOST];
190 HeapTuple tuple;
191 int index;
192 ListCell *lc;
193 const char *typestr;
194 const char *addrstr;
195 const char *maskstr;
197
199
200 memset(values, 0, sizeof(values));
201 memset(nulls, 0, sizeof(nulls));
202 index = 0;
203
204 /* rule_number, nothing on error */
205 if (err_msg)
206 nulls[index++] = true;
207 else
208 values[index++] = Int32GetDatum(rule_number);
209
210 /* file_name */
212
213 /* line_number */
214 values[index++] = Int32GetDatum(lineno);
215
216 if (hba != NULL)
217 {
218 /* type */
219 /* Avoid a default: case so compiler will warn about missing cases */
220 typestr = NULL;
221 switch (hba->conntype)
222 {
223 case ctLocal:
224 typestr = "local";
225 break;
226 case ctHost:
227 typestr = "host";
228 break;
229 case ctHostSSL:
230 typestr = "hostssl";
231 break;
232 case ctHostNoSSL:
233 typestr = "hostnossl";
234 break;
235 case ctHostGSS:
236 typestr = "hostgssenc";
237 break;
238 case ctHostNoGSS:
239 typestr = "hostnogssenc";
240 break;
241 }
242 if (typestr)
243 values[index++] = CStringGetTextDatum(typestr);
244 else
245 nulls[index++] = true;
246
247 /* database */
248 if (hba->databases)
249 {
250 /*
251 * Flatten AuthToken list to string list. It might seem that we
252 * should re-quote any quoted tokens, but that has been rejected
253 * on the grounds that it makes it harder to compare the array
254 * elements to other system catalogs. That makes entries like
255 * "all" or "samerole" formally ambiguous ... but users who name
256 * databases/roles that way are inflicting their own pain.
257 */
258 List *names = NIL;
259
260 foreach(lc, hba->databases)
261 {
262 AuthToken *tok = lfirst(lc);
263
264 names = lappend(names, tok->string);
265 }
267 }
268 else
269 nulls[index++] = true;
270
271 /* user */
272 if (hba->roles)
273 {
274 /* Flatten AuthToken list to string list; see comment above */
275 List *roles = NIL;
276
277 foreach(lc, hba->roles)
278 {
279 AuthToken *tok = lfirst(lc);
280
281 roles = lappend(roles, tok->string);
282 }
284 }
285 else
286 nulls[index++] = true;
287
288 /* address and netmask */
289 /* Avoid a default: case so compiler will warn about missing cases */
290 addrstr = maskstr = NULL;
291 switch (hba->ip_cmp_method)
292 {
293 case ipCmpMask:
294 if (hba->hostname)
295 {
296 addrstr = hba->hostname;
297 }
298 else
299 {
300 /*
301 * Note: if pg_getnameinfo_all fails, it'll set buffer to
302 * "???", which we want to return.
303 */
304 if (hba->addrlen > 0)
305 {
306 if (pg_getnameinfo_all(&hba->addr, hba->addrlen,
307 buffer, sizeof(buffer),
308 NULL, 0,
309 NI_NUMERICHOST) == 0)
310 clean_ipv6_addr(hba->addr.ss_family, buffer);
311 addrstr = pstrdup(buffer);
312 }
313 if (hba->masklen > 0)
314 {
315 if (pg_getnameinfo_all(&hba->mask, hba->masklen,
316 buffer, sizeof(buffer),
317 NULL, 0,
318 NI_NUMERICHOST) == 0)
319 clean_ipv6_addr(hba->mask.ss_family, buffer);
320 maskstr = pstrdup(buffer);
321 }
322 }
323 break;
324 case ipCmpAll:
325 addrstr = "all";
326 break;
327 case ipCmpSameHost:
328 addrstr = "samehost";
329 break;
330 case ipCmpSameNet:
331 addrstr = "samenet";
332 break;
333 }
334 if (addrstr)
335 values[index++] = CStringGetTextDatum(addrstr);
336 else
337 nulls[index++] = true;
338 if (maskstr)
339 values[index++] = CStringGetTextDatum(maskstr);
340 else
341 nulls[index++] = true;
342
343 /* auth_method */
345
346 /* options */
348 if (options)
350 else
351 nulls[index++] = true;
352 }
353 else
354 {
355 /* no parsing result, so set relevant fields to nulls */
356 memset(&nulls[3], true, (NUM_PG_HBA_FILE_RULES_ATTS - 4) * sizeof(bool));
357 }
358
359 /* error */
360 if (err_msg)
362 else
363 nulls[NUM_PG_HBA_FILE_RULES_ATTS - 1] = true;
364
365 tuple = heap_form_tuple(tupdesc, values, nulls);
366 tuplestore_puttuple(tuple_store, tuple);
367}
static Datum values[MAXATTR]
Definition: bootstrap.c:151
#define CStringGetTextDatum(s)
Definition: builtins.h:97
#define Assert(condition)
Definition: c.h:815
const char * hba_authname(UserAuth auth_method)
Definition: hba.c:3065
@ ipCmpAll
Definition: hba.h:54
@ ipCmpSameNet
Definition: hba.h:53
@ ipCmpMask
Definition: hba.h:51
@ ipCmpSameHost
Definition: hba.h:52
@ ctHostNoGSS
Definition: hba.h:64
@ ctHostSSL
Definition: hba.h:61
@ ctHostNoSSL
Definition: hba.h:62
@ ctHost
Definition: hba.h:60
@ ctHostGSS
Definition: hba.h:63
@ ctLocal
Definition: hba.h:59
#define NUM_PG_HBA_FILE_RULES_ATTS
Definition: hbafuncs.c:165
static ArrayType * get_hba_options(HbaLine *hba)
Definition: hbafuncs.c:52
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, const Datum *values, const bool *isnull)
Definition: heaptuple.c:1117
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
Definition: ip.c:114
List * lappend(List *list, void *datum)
Definition: list.c:339
char * pstrdup(const char *in)
Definition: mcxt.c:1696
void clean_ipv6_addr(int addr_family, char *addr)
Definition: network.c:2089
ArrayType * strlist_to_textarray(List *list)
static char * filename
Definition: pg_dumpall.c:119
#define lfirst(lc)
Definition: pg_list.h:172
#define NIL
Definition: pg_list.h:68
static char ** options
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:327
uintptr_t Datum
Definition: postgres.h:69
static Datum Int32GetDatum(int32 X)
Definition: postgres.h:217
Definition: hba.h:88
char * string
Definition: hba.h:89
UserAuth auth_method
Definition: hba.h:108
struct sockaddr_storage mask
Definition: hba.h:104
int addrlen
Definition: hba.h:103
int masklen
Definition: hba.h:105
char * hostname
Definition: hba.h:107
List * databases
Definition: hba.h:100
ConnType conntype
Definition: hba.h:99
struct sockaddr_storage addr
Definition: hba.h:102
List * roles
Definition: hba.h:101
IPCompareMethod ip_cmp_method
Definition: hba.h:106
Definition: pg_list.h:54
Definition: type.h:96
void tuplestore_puttuple(Tuplestorestate *state, HeapTuple tuple)
Definition: tuplestore.c:764

References HbaLine::addr, HbaLine::addrlen, Assert, HbaLine::auth_method, clean_ipv6_addr(), HbaLine::conntype, CStringGetTextDatum, ctHost, ctHostGSS, ctHostNoGSS, ctHostNoSSL, ctHostSSL, ctLocal, HbaLine::databases, filename, get_hba_options(), hba_authname(), heap_form_tuple(), HbaLine::hostname, Int32GetDatum(), HbaLine::ip_cmp_method, ipCmpAll, ipCmpMask, ipCmpSameHost, ipCmpSameNet, lappend(), lfirst, HbaLine::mask, HbaLine::masklen, TupleDescData::natts, NIL, NUM_PG_HBA_FILE_RULES_ATTS, options, pg_getnameinfo_all(), PointerGetDatum(), pstrdup(), HbaLine::roles, AuthToken::string, strlist_to_textarray(), tuplestore_puttuple(), and values.

Referenced by fill_hba_view().

◆ fill_hba_view()

static void fill_hba_view ( Tuplestorestate tuple_store,
TupleDesc  tupdesc 
)
static

Definition at line 374 of file hbafuncs.c.

375{
376 FILE *file;
377 List *hba_lines = NIL;
378 ListCell *line;
379 int rule_number = 0;
380 MemoryContext hbacxt;
381 MemoryContext oldcxt;
382
383 /*
384 * In the unlikely event that we can't open pg_hba.conf, we throw an
385 * error, rather than trying to report it via some sort of view entry.
386 * (Most other error conditions should result in a message in a view
387 * entry.)
388 */
389 file = open_auth_file(HbaFileName, ERROR, 0, NULL);
390
391 tokenize_auth_file(HbaFileName, file, &hba_lines, DEBUG3, 0);
392
393 /* Now parse all the lines */
395 "hba parser context",
397 oldcxt = MemoryContextSwitchTo(hbacxt);
398 foreach(line, hba_lines)
399 {
400 TokenizedAuthLine *tok_line = (TokenizedAuthLine *) lfirst(line);
401 HbaLine *hbaline = NULL;
402
403 /* don't parse lines that already have errors */
404 if (tok_line->err_msg == NULL)
405 hbaline = parse_hba_line(tok_line, DEBUG3);
406
407 /* No error, set a new rule number */
408 if (tok_line->err_msg == NULL)
409 rule_number++;
410
411 fill_hba_line(tuple_store, tupdesc, rule_number,
412 tok_line->file_name, tok_line->line_num, hbaline,
413 tok_line->err_msg);
414 }
415
416 /* Free tokenizer memory */
417 free_auth_file(file, 0);
418 /* Free parse_hba_line memory */
419 MemoryContextSwitchTo(oldcxt);
420 MemoryContextDelete(hbacxt);
421}
#define DEBUG3
Definition: elog.h:28
#define ERROR
Definition: elog.h:39
char * HbaFileName
Definition: guc_tables.c:539
HbaLine * parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
Definition: hba.c:1326
void free_auth_file(FILE *file, int depth)
Definition: hba.c:570
void tokenize_auth_file(const char *filename, FILE *file, List **tok_lines, int elevel, int depth)
Definition: hba.c:689
FILE * open_auth_file(const char *filename, int elevel, int depth, char **err_msg)
Definition: hba.c:595
static void fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc, int rule_number, char *filename, int lineno, HbaLine *hba, const char *err_msg)
Definition: hbafuncs.c:183
MemoryContext CurrentMemoryContext
Definition: mcxt.c:143
void MemoryContextDelete(MemoryContext context)
Definition: mcxt.c:454
#define AllocSetContextCreate
Definition: memutils.h:129
#define ALLOCSET_SMALL_SIZES
Definition: memutils.h:170
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:124
Definition: hba.h:95
int line_num
Definition: hba.h:162
char * file_name
Definition: hba.h:161
char * err_msg
Definition: hba.h:164

References ALLOCSET_SMALL_SIZES, AllocSetContextCreate, CurrentMemoryContext, DEBUG3, TokenizedAuthLine::err_msg, ERROR, TokenizedAuthLine::file_name, fill_hba_line(), free_auth_file(), HbaFileName, lfirst, TokenizedAuthLine::line_num, MemoryContextDelete(), MemoryContextSwitchTo(), NIL, open_auth_file(), parse_hba_line(), and tokenize_auth_file().

Referenced by pg_hba_file_rules().

◆ fill_ident_line()

static void fill_ident_line ( Tuplestorestate tuple_store,
TupleDesc  tupdesc,
int  map_number,
char *  filename,
int  lineno,
IdentLine ident,
const char *  err_msg 
)
static

Definition at line 468 of file hbafuncs.c.

471{
474 HeapTuple tuple;
475 int index;
476
478
479 memset(values, 0, sizeof(values));
480 memset(nulls, 0, sizeof(nulls));
481 index = 0;
482
483 /* map_number, nothing on error */
484 if (err_msg)
485 nulls[index++] = true;
486 else
487 values[index++] = Int32GetDatum(map_number);
488
489 /* file_name */
491
492 /* line_number */
493 values[index++] = Int32GetDatum(lineno);
494
495 if (ident != NULL)
496 {
497 values[index++] = CStringGetTextDatum(ident->usermap);
498 values[index++] = CStringGetTextDatum(ident->system_user->string);
499 values[index++] = CStringGetTextDatum(ident->pg_user->string);
500 }
501 else
502 {
503 /* no parsing result, so set relevant fields to nulls */
504 memset(&nulls[3], true, (NUM_PG_IDENT_FILE_MAPPINGS_ATTS - 4) * sizeof(bool));
505 }
506
507 /* error */
508 if (err_msg)
510 else
511 nulls[NUM_PG_IDENT_FILE_MAPPINGS_ATTS - 1] = true;
512
513 tuple = heap_form_tuple(tupdesc, values, nulls);
514 tuplestore_puttuple(tuple_store, tuple);
515}
#define NUM_PG_IDENT_FILE_MAPPINGS_ATTS
Definition: hbafuncs.c:450
#define ident
Definition: indent_codes.h:47

References Assert, CStringGetTextDatum, filename, heap_form_tuple(), ident, Int32GetDatum(), TupleDescData::natts, NUM_PG_IDENT_FILE_MAPPINGS_ATTS, tuplestore_puttuple(), and values.

Referenced by fill_ident_view().

◆ fill_ident_view()

static void fill_ident_view ( Tuplestorestate tuple_store,
TupleDesc  tupdesc 
)
static

Definition at line 521 of file hbafuncs.c.

522{
523 FILE *file;
524 List *ident_lines = NIL;
525 ListCell *line;
526 int map_number = 0;
527 MemoryContext identcxt;
528 MemoryContext oldcxt;
529
530 /*
531 * In the unlikely event that we can't open pg_ident.conf, we throw an
532 * error, rather than trying to report it via some sort of view entry.
533 * (Most other error conditions should result in a message in a view
534 * entry.)
535 */
536 file = open_auth_file(IdentFileName, ERROR, 0, NULL);
537
538 tokenize_auth_file(IdentFileName, file, &ident_lines, DEBUG3, 0);
539
540 /* Now parse all the lines */
542 "ident parser context",
544 oldcxt = MemoryContextSwitchTo(identcxt);
545 foreach(line, ident_lines)
546 {
547 TokenizedAuthLine *tok_line = (TokenizedAuthLine *) lfirst(line);
548 IdentLine *identline = NULL;
549
550 /* don't parse lines that already have errors */
551 if (tok_line->err_msg == NULL)
552 identline = parse_ident_line(tok_line, DEBUG3);
553
554 /* no error, set a new mapping number */
555 if (tok_line->err_msg == NULL)
556 map_number++;
557
558 fill_ident_line(tuple_store, tupdesc, map_number,
559 tok_line->file_name, tok_line->line_num,
560 identline, tok_line->err_msg);
561 }
562
563 /* Free tokenizer memory */
564 free_auth_file(file, 0);
565 /* Free parse_ident_line memory */
566 MemoryContextSwitchTo(oldcxt);
567 MemoryContextDelete(identcxt);
568}
char * IdentFileName
Definition: guc_tables.c:540
IdentLine * parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
Definition: hba.c:2693
static void fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc, int map_number, char *filename, int lineno, IdentLine *ident, const char *err_msg)
Definition: hbafuncs.c:468
Definition: hba.h:141

References ALLOCSET_SMALL_SIZES, AllocSetContextCreate, CurrentMemoryContext, DEBUG3, TokenizedAuthLine::err_msg, ERROR, TokenizedAuthLine::file_name, fill_ident_line(), free_auth_file(), IdentFileName, lfirst, TokenizedAuthLine::line_num, MemoryContextDelete(), MemoryContextSwitchTo(), NIL, open_auth_file(), parse_ident_line(), and tokenize_auth_file().

Referenced by pg_ident_file_mappings().

◆ get_hba_options()

static ArrayType * get_hba_options ( HbaLine hba)
static

Definition at line 52 of file hbafuncs.c.

53{
54 int noptions;
56
57 noptions = 0;
58
59 if (hba->auth_method == uaGSS || hba->auth_method == uaSSPI)
60 {
61 if (hba->include_realm)
62 options[noptions++] =
63 CStringGetTextDatum("include_realm=true");
64
65 if (hba->krb_realm)
66 options[noptions++] =
67 CStringGetTextDatum(psprintf("krb_realm=%s", hba->krb_realm));
68 }
69
70 if (hba->usermap)
71 options[noptions++] =
72 CStringGetTextDatum(psprintf("map=%s", hba->usermap));
73
74 if (hba->clientcert != clientCertOff)
75 options[noptions++] =
76 CStringGetTextDatum(psprintf("clientcert=%s", (hba->clientcert == clientCertCA) ? "verify-ca" : "verify-full"));
77
78 if (hba->pamservice)
79 options[noptions++] =
80 CStringGetTextDatum(psprintf("pamservice=%s", hba->pamservice));
81
82 if (hba->auth_method == uaLDAP)
83 {
84 if (hba->ldapserver)
85 options[noptions++] =
86 CStringGetTextDatum(psprintf("ldapserver=%s", hba->ldapserver));
87
88 if (hba->ldapport)
89 options[noptions++] =
90 CStringGetTextDatum(psprintf("ldapport=%d", hba->ldapport));
91
92 if (hba->ldapscheme)
93 options[noptions++] =
94 CStringGetTextDatum(psprintf("ldapscheme=%s", hba->ldapscheme));
95
96 if (hba->ldaptls)
97 options[noptions++] =
98 CStringGetTextDatum("ldaptls=true");
99
100 if (hba->ldapprefix)
101 options[noptions++] =
102 CStringGetTextDatum(psprintf("ldapprefix=%s", hba->ldapprefix));
103
104 if (hba->ldapsuffix)
105 options[noptions++] =
106 CStringGetTextDatum(psprintf("ldapsuffix=%s", hba->ldapsuffix));
107
108 if (hba->ldapbasedn)
109 options[noptions++] =
110 CStringGetTextDatum(psprintf("ldapbasedn=%s", hba->ldapbasedn));
111
112 if (hba->ldapbinddn)
113 options[noptions++] =
114 CStringGetTextDatum(psprintf("ldapbinddn=%s", hba->ldapbinddn));
115
116 if (hba->ldapbindpasswd)
117 options[noptions++] =
118 CStringGetTextDatum(psprintf("ldapbindpasswd=%s",
119 hba->ldapbindpasswd));
120
121 if (hba->ldapsearchattribute)
122 options[noptions++] =
123 CStringGetTextDatum(psprintf("ldapsearchattribute=%s",
124 hba->ldapsearchattribute));
125
126 if (hba->ldapsearchfilter)
127 options[noptions++] =
128 CStringGetTextDatum(psprintf("ldapsearchfilter=%s",
129 hba->ldapsearchfilter));
130
131 if (hba->ldapscope)
132 options[noptions++] =
133 CStringGetTextDatum(psprintf("ldapscope=%d", hba->ldapscope));
134 }
135
136 if (hba->auth_method == uaRADIUS)
137 {
138 if (hba->radiusservers_s)
139 options[noptions++] =
140 CStringGetTextDatum(psprintf("radiusservers=%s", hba->radiusservers_s));
141
142 if (hba->radiussecrets_s)
143 options[noptions++] =
144 CStringGetTextDatum(psprintf("radiussecrets=%s", hba->radiussecrets_s));
145
146 if (hba->radiusidentifiers_s)
147 options[noptions++] =
148 CStringGetTextDatum(psprintf("radiusidentifiers=%s", hba->radiusidentifiers_s));
149
150 if (hba->radiusports_s)
151 options[noptions++] =
152 CStringGetTextDatum(psprintf("radiusports=%s", hba->radiusports_s));
153 }
154
155 /* If you add more options, consider increasing MAX_HBA_OPTIONS. */
157
158 if (noptions > 0)
159 return construct_array_builtin(options, noptions, TEXTOID);
160 else
161 return NULL;
162}
ArrayType * construct_array_builtin(Datum *elems, int nelems, Oid elmtype)
Definition: arrayfuncs.c:3381
@ uaLDAP
Definition: hba.h:38
@ uaGSS
Definition: hba.h:34
@ uaRADIUS
Definition: hba.h:40
@ uaSSPI
Definition: hba.h:35
@ clientCertOff
Definition: hba.h:69
@ clientCertCA
Definition: hba.h:70
#define MAX_HBA_OPTIONS
Definition: hbafuncs.c:45
static size_t noptions
char * psprintf(const char *fmt,...)
Definition: psprintf.c:43
char * ldapserver
Definition: hba.h:114
bool include_realm
Definition: hba.h:127
ClientCertMode clientcert
Definition: hba.h:124
char * ldapsearchfilter
Definition: hba.h:119
char * ldapscheme
Definition: hba.h:113
char * ldapprefix
Definition: hba.h:122
char * ldapsearchattribute
Definition: hba.h:118
char * krb_realm
Definition: hba.h:126
char * ldapbasedn
Definition: hba.h:120
char * radiussecrets_s
Definition: hba.h:133
char * pamservice
Definition: hba.h:110
char * usermap
Definition: hba.h:109
char * ldapsuffix
Definition: hba.h:123
int ldapport
Definition: hba.h:115
char * ldapbindpasswd
Definition: hba.h:117
char * radiusports_s
Definition: hba.h:137
char * ldapbinddn
Definition: hba.h:116
int ldapscope
Definition: hba.h:121
bool ldaptls
Definition: hba.h:112
char * radiusservers_s
Definition: hba.h:131
char * radiusidentifiers_s
Definition: hba.h:135

References Assert, HbaLine::auth_method, HbaLine::clientcert, clientCertCA, clientCertOff, construct_array_builtin(), CStringGetTextDatum, HbaLine::include_realm, HbaLine::krb_realm, HbaLine::ldapbasedn, HbaLine::ldapbinddn, HbaLine::ldapbindpasswd, HbaLine::ldapport, HbaLine::ldapprefix, HbaLine::ldapscheme, HbaLine::ldapscope, HbaLine::ldapsearchattribute, HbaLine::ldapsearchfilter, HbaLine::ldapserver, HbaLine::ldapsuffix, HbaLine::ldaptls, MAX_HBA_OPTIONS, noptions, HbaLine::pamservice, psprintf(), HbaLine::radiusidentifiers_s, HbaLine::radiusports_s, HbaLine::radiussecrets_s, HbaLine::radiusservers_s, uaGSS, uaLDAP, uaRADIUS, uaSSPI, and HbaLine::usermap.

Referenced by fill_hba_line().

◆ pg_hba_file_rules()

Datum pg_hba_file_rules ( PG_FUNCTION_ARGS  )

Definition at line 430 of file hbafuncs.c.

431{
432 ReturnSetInfo *rsi;
433
434 /*
435 * Build tuplestore to hold the result rows. We must use the Materialize
436 * mode to be safe against HBA file changes while the cursor is open. It's
437 * also more efficient than having to look up our current position in the
438 * parsed list every time.
439 */
440 InitMaterializedSRF(fcinfo, 0);
441
442 /* Fill the tuplestore */
443 rsi = (ReturnSetInfo *) fcinfo->resultinfo;
444 fill_hba_view(rsi->setResult, rsi->setDesc);
445
447}
#define PG_RETURN_NULL()
Definition: fmgr.h:345
void InitMaterializedSRF(FunctionCallInfo fcinfo, bits32 flags)
Definition: funcapi.c:76
static void fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
Definition: hbafuncs.c:374
TupleDesc setDesc
Definition: execnodes.h:358
Tuplestorestate * setResult
Definition: execnodes.h:357

References fill_hba_view(), InitMaterializedSRF(), PG_RETURN_NULL, ReturnSetInfo::setDesc, and ReturnSetInfo::setResult.

◆ pg_ident_file_mappings()

Datum pg_ident_file_mappings ( PG_FUNCTION_ARGS  )

Definition at line 574 of file hbafuncs.c.

575{
576 ReturnSetInfo *rsi;
577
578 /*
579 * Build tuplestore to hold the result rows. We must use the Materialize
580 * mode to be safe against HBA file changes while the cursor is open. It's
581 * also more efficient than having to look up our current position in the
582 * parsed list every time.
583 */
584 InitMaterializedSRF(fcinfo, 0);
585
586 /* Fill the tuplestore */
587 rsi = (ReturnSetInfo *) fcinfo->resultinfo;
589
591}
static void fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
Definition: hbafuncs.c:521

References fill_ident_view(), InitMaterializedSRF(), PG_RETURN_NULL, ReturnSetInfo::setDesc, and ReturnSetInfo::setResult.