PostgreSQL Source Code  git master
hbafuncs.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * hbafuncs.c
4  * Support functions for SQL views of authentication files.
5  *
6  * Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
7  * Portions Copyright (c) 1994, Regents of the University of California
8  *
9  *
10  * IDENTIFICATION
11  * src/backend/utils/adt/hbafuncs.c
12  *
13  *-------------------------------------------------------------------------
14  */
15 #include "postgres.h"
16 
17 #include "catalog/objectaddress.h"
18 #include "common/ip.h"
19 #include "funcapi.h"
20 #include "libpq/hba.h"
21 #include "miscadmin.h"
22 #include "utils/array.h"
23 #include "utils/builtins.h"
24 #include "utils/guc.h"
25 
26 
27 static ArrayType *get_hba_options(HbaLine *hba);
28 static void fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
29  int rule_number, char *filename, int lineno,
30  HbaLine *hba, const char *err_msg);
31 static void fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc);
32 static void fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
33  int map_number, char *filename, int lineno,
34  IdentLine *ident, const char *err_msg);
35 static void fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc);
36 
37 
38 /*
39  * This macro specifies the maximum number of authentication options
40  * that are possible with any given authentication method that is supported.
41  * Currently LDAP supports 11, and there are 3 that are not dependent on
42  * the auth method here. It may not actually be possible to set all of them
43  * at the same time, but we'll set the macro value high enough to be
44  * conservative and avoid warnings from static analysis tools.
45  */
46 #define MAX_HBA_OPTIONS 14
47 
48 /*
49  * Create a text array listing the options specified in the HBA line.
50  * Return NULL if no options are specified.
51  */
52 static ArrayType *
53 get_hba_options(HbaLine *hba)
54 {
55  int noptions;
56  Datum options[MAX_HBA_OPTIONS];
57 
58  noptions = 0;
59 
60  if (hba->auth_method == uaGSS || hba->auth_method == uaSSPI)
61  {
62  if (hba->include_realm)
63  options[noptions++] =
64  CStringGetTextDatum("include_realm=true");
65 
66  if (hba->krb_realm)
67  options[noptions++] =
68  CStringGetTextDatum(psprintf("krb_realm=%s", hba->krb_realm));
69  }
70 
71  if (hba->usermap)
72  options[noptions++] =
73  CStringGetTextDatum(psprintf("map=%s", hba->usermap));
74 
75  if (hba->clientcert != clientCertOff)
76  options[noptions++] =
77  CStringGetTextDatum(psprintf("clientcert=%s", (hba->clientcert == clientCertCA) ? "verify-ca" : "verify-full"));
78 
79  if (hba->pamservice)
80  options[noptions++] =
81  CStringGetTextDatum(psprintf("pamservice=%s", hba->pamservice));
82 
83  if (hba->auth_method == uaLDAP)
84  {
85  if (hba->ldapserver)
86  options[noptions++] =
87  CStringGetTextDatum(psprintf("ldapserver=%s", hba->ldapserver));
88 
89  if (hba->ldapport)
90  options[noptions++] =
91  CStringGetTextDatum(psprintf("ldapport=%d", hba->ldapport));
92 
93  if (hba->ldaptls)
94  options[noptions++] =
95  CStringGetTextDatum("ldaptls=true");
96 
97  if (hba->ldapprefix)
98  options[noptions++] =
99  CStringGetTextDatum(psprintf("ldapprefix=%s", hba->ldapprefix));
100 
101  if (hba->ldapsuffix)
102  options[noptions++] =
103  CStringGetTextDatum(psprintf("ldapsuffix=%s", hba->ldapsuffix));
104 
105  if (hba->ldapbasedn)
106  options[noptions++] =
107  CStringGetTextDatum(psprintf("ldapbasedn=%s", hba->ldapbasedn));
108 
109  if (hba->ldapbinddn)
110  options[noptions++] =
111  CStringGetTextDatum(psprintf("ldapbinddn=%s", hba->ldapbinddn));
112 
113  if (hba->ldapbindpasswd)
114  options[noptions++] =
115  CStringGetTextDatum(psprintf("ldapbindpasswd=%s",
116  hba->ldapbindpasswd));
117 
118  if (hba->ldapsearchattribute)
119  options[noptions++] =
120  CStringGetTextDatum(psprintf("ldapsearchattribute=%s",
121  hba->ldapsearchattribute));
122 
123  if (hba->ldapsearchfilter)
124  options[noptions++] =
125  CStringGetTextDatum(psprintf("ldapsearchfilter=%s",
126  hba->ldapsearchfilter));
127 
128  if (hba->ldapscope)
129  options[noptions++] =
130  CStringGetTextDatum(psprintf("ldapscope=%d", hba->ldapscope));
131  }
132 
133  if (hba->auth_method == uaRADIUS)
134  {
135  if (hba->radiusservers_s)
136  options[noptions++] =
137  CStringGetTextDatum(psprintf("radiusservers=%s", hba->radiusservers_s));
138 
139  if (hba->radiussecrets_s)
140  options[noptions++] =
141  CStringGetTextDatum(psprintf("radiussecrets=%s", hba->radiussecrets_s));
142 
143  if (hba->radiusidentifiers_s)
144  options[noptions++] =
145  CStringGetTextDatum(psprintf("radiusidentifiers=%s", hba->radiusidentifiers_s));
146 
147  if (hba->radiusports_s)
148  options[noptions++] =
149  CStringGetTextDatum(psprintf("radiusports=%s", hba->radiusports_s));
150  }
151 
152  /* If you add more options, consider increasing MAX_HBA_OPTIONS. */
153  Assert(noptions <= MAX_HBA_OPTIONS);
154 
155  if (noptions > 0)
156  return construct_array_builtin(options, noptions, TEXTOID);
157  else
158  return NULL;
159 }
160 
161 /* Number of columns in pg_hba_file_rules view */
162 #define NUM_PG_HBA_FILE_RULES_ATTS 11
163 
164 /*
165  * fill_hba_line
166  * Build one row of pg_hba_file_rules view, add it to tuplestore.
167  *
168  * tuple_store: where to store data
169  * tupdesc: tuple descriptor for the view
170  * rule_number: unique identifier among all valid rules
171  * filename: configuration file name (must always be valid)
172  * lineno: line number of configuration file (must always be valid)
173  * hba: parsed line data (can be NULL, in which case err_msg should be set)
174  * err_msg: error message (NULL if none)
175  *
176  * Note: leaks memory, but we don't care since this is run in a short-lived
177  * memory context.
178  */
179 static void
180 fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
181  int rule_number, char *filename, int lineno, HbaLine *hba,
182  const char *err_msg)
183 {
184  Datum values[NUM_PG_HBA_FILE_RULES_ATTS];
185  bool nulls[NUM_PG_HBA_FILE_RULES_ATTS];
186  char buffer[NI_MAXHOST];
187  HeapTuple tuple;
188  int index;
189  ListCell *lc;
190  const char *typestr;
191  const char *addrstr;
192  const char *maskstr;
193  ArrayType *options;
194 
195  Assert(tupdesc->natts == NUM_PG_HBA_FILE_RULES_ATTS);
196 
197  memset(values, 0, sizeof(values));
198  memset(nulls, 0, sizeof(nulls));
199  index = 0;
200 
201  /* rule_number, nothing on error */
202  if (err_msg)
203  nulls[index++] = true;
204  else
205  values[index++] = Int32GetDatum(rule_number);
206 
207  /* file_name */
208  values[index++] = CStringGetTextDatum(filename);
209 
210  /* line_number */
211  values[index++] = Int32GetDatum(lineno);
212 
213  if (hba != NULL)
214  {
215  /* type */
216  /* Avoid a default: case so compiler will warn about missing cases */
217  typestr = NULL;
218  switch (hba->conntype)
219  {
220  case ctLocal:
221  typestr = "local";
222  break;
223  case ctHost:
224  typestr = "host";
225  break;
226  case ctHostSSL:
227  typestr = "hostssl";
228  break;
229  case ctHostNoSSL:
230  typestr = "hostnossl";
231  break;
232  case ctHostGSS:
233  typestr = "hostgssenc";
234  break;
235  case ctHostNoGSS:
236  typestr = "hostnogssenc";
237  break;
238  }
239  if (typestr)
240  values[index++] = CStringGetTextDatum(typestr);
241  else
242  nulls[index++] = true;
243 
244  /* database */
245  if (hba->databases)
246  {
247  /*
248  * Flatten AuthToken list to string list. It might seem that we
249  * should re-quote any quoted tokens, but that has been rejected
250  * on the grounds that it makes it harder to compare the array
251  * elements to other system catalogs. That makes entries like
252  * "all" or "samerole" formally ambiguous ... but users who name
253  * databases/roles that way are inflicting their own pain.
254  */
255  List *names = NIL;
256 
257  foreach(lc, hba->databases)
258  {
259  AuthToken *tok = lfirst(lc);
260 
261  names = lappend(names, tok->string);
262  }
263  values[index++] = PointerGetDatum(strlist_to_textarray(names));
264  }
265  else
266  nulls[index++] = true;
267 
268  /* user */
269  if (hba->roles)
270  {
271  /* Flatten AuthToken list to string list; see comment above */
272  List *roles = NIL;
273 
274  foreach(lc, hba->roles)
275  {
276  AuthToken *tok = lfirst(lc);
277 
278  roles = lappend(roles, tok->string);
279  }
280  values[index++] = PointerGetDatum(strlist_to_textarray(roles));
281  }
282  else
283  nulls[index++] = true;
284 
285  /* address and netmask */
286  /* Avoid a default: case so compiler will warn about missing cases */
287  addrstr = maskstr = NULL;
288  switch (hba->ip_cmp_method)
289  {
290  case ipCmpMask:
291  if (hba->hostname)
292  {
293  addrstr = hba->hostname;
294  }
295  else
296  {
297  /*
298  * Note: if pg_getnameinfo_all fails, it'll set buffer to
299  * "???", which we want to return.
300  */
301  if (hba->addrlen > 0)
302  {
303  if (pg_getnameinfo_all(&hba->addr, hba->addrlen,
304  buffer, sizeof(buffer),
305  NULL, 0,
306  NI_NUMERICHOST) == 0)
307  clean_ipv6_addr(hba->addr.ss_family, buffer);
308  addrstr = pstrdup(buffer);
309  }
310  if (hba->masklen > 0)
311  {
312  if (pg_getnameinfo_all(&hba->mask, hba->masklen,
313  buffer, sizeof(buffer),
314  NULL, 0,
315  NI_NUMERICHOST) == 0)
316  clean_ipv6_addr(hba->mask.ss_family, buffer);
317  maskstr = pstrdup(buffer);
318  }
319  }
320  break;
321  case ipCmpAll:
322  addrstr = "all";
323  break;
324  case ipCmpSameHost:
325  addrstr = "samehost";
326  break;
327  case ipCmpSameNet:
328  addrstr = "samenet";
329  break;
330  }
331  if (addrstr)
332  values[index++] = CStringGetTextDatum(addrstr);
333  else
334  nulls[index++] = true;
335  if (maskstr)
336  values[index++] = CStringGetTextDatum(maskstr);
337  else
338  nulls[index++] = true;
339 
340  /* auth_method */
341  values[index++] = CStringGetTextDatum(hba_authname(hba->auth_method));
342 
343  /* options */
344  options = get_hba_options(hba);
345  if (options)
346  values[index++] = PointerGetDatum(options);
347  else
348  nulls[index++] = true;
349  }
350  else
351  {
352  /* no parsing result, so set relevant fields to nulls */
353  memset(&nulls[3], true, (NUM_PG_HBA_FILE_RULES_ATTS - 4) * sizeof(bool));
354  }
355 
356  /* error */
357  if (err_msg)
358  values[NUM_PG_HBA_FILE_RULES_ATTS - 1] = CStringGetTextDatum(err_msg);
359  else
360  nulls[NUM_PG_HBA_FILE_RULES_ATTS - 1] = true;
361 
362  tuple = heap_form_tuple(tupdesc, values, nulls);
363  tuplestore_puttuple(tuple_store, tuple);
364 }
365 
366 /*
367  * fill_hba_view
368  * Read the pg_hba.conf file and fill the tuplestore with view records.
369  */
370 static void
371 fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
372 {
373  FILE *file;
374  List *hba_lines = NIL;
375  ListCell *line;
376  int rule_number = 0;
377  MemoryContext hbacxt;
378  MemoryContext oldcxt;
379 
380  /*
381  * In the unlikely event that we can't open pg_hba.conf, we throw an
382  * error, rather than trying to report it via some sort of view entry.
383  * (Most other error conditions should result in a message in a view
384  * entry.)
385  */
386  file = open_auth_file(HbaFileName, ERROR, 0, NULL);
387 
388  tokenize_auth_file(HbaFileName, file, &hba_lines, DEBUG3, 0);
389 
390  /* Now parse all the lines */
391  hbacxt = AllocSetContextCreate(CurrentMemoryContext,
392  "hba parser context",
393  ALLOCSET_SMALL_SIZES);
394  oldcxt = MemoryContextSwitchTo(hbacxt);
395  foreach(line, hba_lines)
396  {
397  TokenizedAuthLine *tok_line = (TokenizedAuthLine *) lfirst(line);
398  HbaLine *hbaline = NULL;
399 
400  /* don't parse lines that already have errors */
401  if (tok_line->err_msg == NULL)
402  hbaline = parse_hba_line(tok_line, DEBUG3);
403 
404  /* No error, set a new rule number */
405  if (tok_line->err_msg == NULL)
406  rule_number++;
407 
408  fill_hba_line(tuple_store, tupdesc, rule_number,
409  tok_line->file_name, tok_line->line_num, hbaline,
410  tok_line->err_msg);
411  }
412 
413  /* Free tokenizer memory */
414  free_auth_file(file, 0);
415  /* Free parse_hba_line memory */
416  MemoryContextSwitchTo(oldcxt);
417  MemoryContextDelete(hbacxt);
418 }
419 
420 /*
421  * pg_hba_file_rules
422  *
423  * SQL-accessible set-returning function to return all the entries in the
424  * pg_hba.conf file.
425  */
426 Datum
427 pg_hba_file_rules(PG_FUNCTION_ARGS)
428 {
429  ReturnSetInfo *rsi;
430 
431  /*
432  * Build tuplestore to hold the result rows. We must use the Materialize
433  * mode to be safe against HBA file changes while the cursor is open. It's
434  * also more efficient than having to look up our current position in the
435  * parsed list every time.
436  */
437  InitMaterializedSRF(fcinfo, 0);
438 
439  /* Fill the tuplestore */
440  rsi = (ReturnSetInfo *) fcinfo->resultinfo;
441  fill_hba_view(rsi->setResult, rsi->setDesc);
442 
443  PG_RETURN_NULL();
444 }
445 
446 /* Number of columns in pg_ident_file_mappings view */
447 #define NUM_PG_IDENT_FILE_MAPPINGS_ATTS 7
448 
449 /*
450  * fill_ident_line: build one row of pg_ident_file_mappings view, add it to
451  * tuplestore
452  *
453  * tuple_store: where to store data
454  * tupdesc: tuple descriptor for the view
455  * map_number: unique identifier among all valid maps
456  * filename: configuration file name (must always be valid)
457  * lineno: line number of configuration file (must always be valid)
458  * ident: parsed line data (can be NULL, in which case err_msg should be set)
459  * err_msg: error message (NULL if none)
460  *
461  * Note: leaks memory, but we don't care since this is run in a short-lived
462  * memory context.
463  */
464 static void
465 fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
466  int map_number, char *filename, int lineno, IdentLine *ident,
467  const char *err_msg)
468 {
469  Datum values[NUM_PG_IDENT_FILE_MAPPINGS_ATTS];
470  bool nulls[NUM_PG_IDENT_FILE_MAPPINGS_ATTS];
471  HeapTuple tuple;
472  int index;
473 
474  Assert(tupdesc->natts == NUM_PG_IDENT_FILE_MAPPINGS_ATTS);
475 
476  memset(values, 0, sizeof(values));
477  memset(nulls, 0, sizeof(nulls));
478  index = 0;
479 
480  /* map_number, nothing on error */
481  if (err_msg)
482  nulls[index++] = true;
483  else
484  values[index++] = Int32GetDatum(map_number);
485 
486  /* file_name */
487  values[index++] = CStringGetTextDatum(filename);
488 
489  /* line_number */
490  values[index++] = Int32GetDatum(lineno);
491 
492  if (ident != NULL)
493  {
494  values[index++] = CStringGetTextDatum(ident->usermap);
495  values[index++] = CStringGetTextDatum(ident->system_user->string);
496  values[index++] = CStringGetTextDatum(ident->pg_user->string);
497  }
498  else
499  {
500  /* no parsing result, so set relevant fields to nulls */
501  memset(&nulls[3], true, (NUM_PG_IDENT_FILE_MAPPINGS_ATTS - 4) * sizeof(bool));
502  }
503 
504  /* error */
505  if (err_msg)
506  values[NUM_PG_IDENT_FILE_MAPPINGS_ATTS - 1] = CStringGetTextDatum(err_msg);
507  else
508  nulls[NUM_PG_IDENT_FILE_MAPPINGS_ATTS - 1] = true;
509 
510  tuple = heap_form_tuple(tupdesc, values, nulls);
511  tuplestore_puttuple(tuple_store, tuple);
512 }
513 
514 /*
515  * Read the pg_ident.conf file and fill the tuplestore with view records.
516  */
517 static void
518 fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
519 {
520  FILE *file;
521  List *ident_lines = NIL;
522  ListCell *line;
523  int map_number = 0;
524  MemoryContext identcxt;
525  MemoryContext oldcxt;
526 
527  /*
528  * In the unlikely event that we can't open pg_ident.conf, we throw an
529  * error, rather than trying to report it via some sort of view entry.
530  * (Most other error conditions should result in a message in a view
531  * entry.)
532  */
533  file = open_auth_file(IdentFileName, ERROR, 0, NULL);
534 
535  tokenize_auth_file(IdentFileName, file, &ident_lines, DEBUG3, 0);
536 
537  /* Now parse all the lines */
538  identcxt = AllocSetContextCreate(CurrentMemoryContext,
539  "ident parser context",
540  ALLOCSET_SMALL_SIZES);
541  oldcxt = MemoryContextSwitchTo(identcxt);
542  foreach(line, ident_lines)
543  {
544  TokenizedAuthLine *tok_line = (TokenizedAuthLine *) lfirst(line);
545  IdentLine *identline = NULL;
546 
547  /* don't parse lines that already have errors */
548  if (tok_line->err_msg == NULL)
549  identline = parse_ident_line(tok_line, DEBUG3);
550 
551  /* no error, set a new mapping number */
552  if (tok_line->err_msg == NULL)
553  map_number++;
554 
555  fill_ident_line(tuple_store, tupdesc, map_number,
556  tok_line->file_name, tok_line->line_num,
557  identline, tok_line->err_msg);
558  }
559 
560  /* Free tokenizer memory */
561  free_auth_file(file, 0);
562  /* Free parse_ident_line memory */
563  MemoryContextSwitchTo(oldcxt);
564  MemoryContextDelete(identcxt);
565 }
566 
567 /*
568  * SQL-accessible SRF to return all the entries in the pg_ident.conf file.
569  */
570 Datum
571 pg_ident_file_mappings(PG_FUNCTION_ARGS)
572 {
573  ReturnSetInfo *rsi;
574 
575  /*
576  * Build tuplestore to hold the result rows. We must use the Materialize
577  * mode to be safe against HBA file changes while the cursor is open. It's
578  * also more efficient than having to look up our current position in the
579  * parsed list every time.
580  */
581  InitMaterializedSRF(fcinfo, 0);
582 
583  /* Fill the tuplestore */
584  rsi = (ReturnSetInfo *) fcinfo->resultinfo;
585  fill_ident_view(rsi->setResult, rsi->setDesc);
586 
587  PG_RETURN_NULL();
588 }
construct_array_builtin
ArrayType * construct_array_builtin(Datum *elems, int nelems, Oid elmtype)
Definition: arrayfuncs.c:3375
values
static Datum values[MAXATTR]
Definition: bootstrap.c:156
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:94
DEBUG3
#define DEBUG3
Definition: elog.h:28
ERROR
#define ERROR
Definition: elog.h:39
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_FUNCTION_ARGS
#define PG_FUNCTION_ARGS
Definition: fmgr.h:193
InitMaterializedSRF
void InitMaterializedSRF(FunctionCallInfo fcinfo, bits32 flags)
Definition: funcapi.c:76
HbaFileName
char * HbaFileName
Definition: guc_tables.c:537
IdentFileName
char * IdentFileName
Definition: guc_tables.c:538
parse_ident_line
IdentLine * parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
Definition: hba.c:2694
open_auth_file
FILE * open_auth_file(const char *filename, int elevel, int depth, char **err_msg)
Definition: hba.c:600
hba_authname
const char * hba_authname(UserAuth auth_method)
Definition: hba.c:3066
free_auth_file
void free_auth_file(FILE *file, int depth)
Definition: hba.c:575
parse_hba_line
HbaLine * parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
Definition: hba.c:1327
tokenize_auth_file
void tokenize_auth_file(const char *filename, FILE *file, List **tok_lines, int elevel, int depth)
Definition: hba.c:691
ipCmpAll
@ ipCmpAll
Definition: hba.h:54
ipCmpSameNet
@ ipCmpSameNet
Definition: hba.h:53
ipCmpMask
@ ipCmpMask
Definition: hba.h:51
ipCmpSameHost
@ ipCmpSameHost
Definition: hba.h:52
ctHostNoGSS
@ ctHostNoGSS
Definition: hba.h:64
ctHostSSL
@ ctHostSSL
Definition: hba.h:61
ctHostNoSSL
@ ctHostNoSSL
Definition: hba.h:62
ctHost
@ ctHost
Definition: hba.h:60
ctHostGSS
@ ctHostGSS
Definition: hba.h:63
ctLocal
@ ctLocal
Definition: hba.h:59
uaLDAP
@ uaLDAP
Definition: hba.h:38
uaGSS
@ uaGSS
Definition: hba.h:34
uaRADIUS
@ uaRADIUS
Definition: hba.h:40
uaSSPI
@ uaSSPI
Definition: hba.h:35
clientCertOff
@ clientCertOff
Definition: hba.h:69
clientCertCA
@ clientCertCA
Definition: hba.h:70
fill_ident_line
static void fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc, int map_number, char *filename, int lineno, IdentLine *ident, const char *err_msg)
Definition: hbafuncs.c:465
fill_hba_view
static void fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
Definition: hbafuncs.c:371
fill_ident_view
static void fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
Definition: hbafuncs.c:518
fill_hba_line
static void fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc, int rule_number, char *filename, int lineno, HbaLine *hba, const char *err_msg)
Definition: hbafuncs.c:180
NUM_PG_HBA_FILE_RULES_ATTS
#define NUM_PG_HBA_FILE_RULES_ATTS
Definition: hbafuncs.c:162
get_hba_options
static ArrayType * get_hba_options(HbaLine *hba)
Definition: hbafuncs.c:53
pg_ident_file_mappings
Datum pg_ident_file_mappings(PG_FUNCTION_ARGS)
Definition: hbafuncs.c:571
MAX_HBA_OPTIONS
#define MAX_HBA_OPTIONS
Definition: hbafuncs.c:46
NUM_PG_IDENT_FILE_MAPPINGS_ATTS
#define NUM_PG_IDENT_FILE_MAPPINGS_ATTS
Definition: hbafuncs.c:447
pg_hba_file_rules
Datum pg_hba_file_rules(PG_FUNCTION_ARGS)
Definition: hbafuncs.c:427
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, const Datum *values, const bool *isnull)
Definition: heaptuple.c:1117
ident
#define ident
Definition: indent_codes.h:47
pg_getnameinfo_all
int pg_getnameinfo_all(const struct sockaddr_storage *addr, int salen, char *node, int nodelen, char *service, int servicelen, int flags)
Definition: ip.c:114
Assert
Assert(fmt[strlen(fmt) - 1] !='\n')
lappend
List * lappend(List *list, void *datum)
Definition: list.c:338
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1644
CurrentMemoryContext
MemoryContext CurrentMemoryContext
Definition: mcxt.c:135
MemoryContextDelete
void MemoryContextDelete(MemoryContext context)
Definition: mcxt.c:403
AllocSetContextCreate
#define AllocSetContextCreate
Definition: memutils.h:126
ALLOCSET_SMALL_SIZES
#define ALLOCSET_SMALL_SIZES
Definition: memutils.h:160
clean_ipv6_addr
void clean_ipv6_addr(int addr_family, char *addr)
Definition: network.c:2095
strlist_to_textarray
ArrayType * strlist_to_textarray(List *list)
Definition: objectaddress.c:6051
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:138
filename
static char * filename
Definition: pg_dumpall.c:121
lfirst
#define lfirst(lc)
Definition: pg_list.h:172
NIL
#define NIL
Definition: pg_list.h:68
noptions
static size_t noptions
Definition: pg_recvlogical.c:60
options
static char ** options
Definition: pg_recvlogical.c:59
PointerGetDatum
static Datum PointerGetDatum(const void *X)
Definition: postgres.h:322
Datum
uintptr_t Datum
Definition: postgres.h:64
Int32GetDatum
static Datum Int32GetDatum(int32 X)
Definition: postgres.h:212
psprintf
char * psprintf(const char *fmt,...)
Definition: psprintf.c:46
AuthToken
Definition: hba.h:88
AuthToken::string
char * string
Definition: hba.h:89
HbaLine
Definition: hba.h:95
HbaLine::auth_method
UserAuth auth_method
Definition: hba.h:108
HbaLine::mask
struct sockaddr_storage mask
Definition: hba.h:104
HbaLine::addrlen
int addrlen
Definition: hba.h:103
HbaLine::ldapserver
char * ldapserver
Definition: hba.h:114
HbaLine::include_realm
bool include_realm
Definition: hba.h:127
HbaLine::masklen
int masklen
Definition: hba.h:105
HbaLine::clientcert
ClientCertMode clientcert
Definition: hba.h:124
HbaLine::ldapsearchfilter
char * ldapsearchfilter
Definition: hba.h:119
HbaLine::ldapprefix
char * ldapprefix
Definition: hba.h:122
HbaLine::ldapsearchattribute
char * ldapsearchattribute
Definition: hba.h:118
HbaLine::krb_realm
char * krb_realm
Definition: hba.h:126
HbaLine::ldapbasedn
char * ldapbasedn
Definition: hba.h:120
HbaLine::radiussecrets_s
char * radiussecrets_s
Definition: hba.h:133
HbaLine::hostname
char * hostname
Definition: hba.h:107
HbaLine::pamservice
char * pamservice
Definition: hba.h:110
HbaLine::databases
List * databases
Definition: hba.h:100
HbaLine::conntype
ConnType conntype
Definition: hba.h:99
HbaLine::usermap
char * usermap
Definition: hba.h:109
HbaLine::ldapsuffix
char * ldapsuffix
Definition: hba.h:123
HbaLine::ldapport
int ldapport
Definition: hba.h:115
HbaLine::addr
struct sockaddr_storage addr
Definition: hba.h:102
HbaLine::ldapbindpasswd
char * ldapbindpasswd
Definition: hba.h:117
HbaLine::roles
List * roles
Definition: hba.h:101
HbaLine::radiusports_s
char * radiusports_s
Definition: hba.h:137
HbaLine::ldapbinddn
char * ldapbinddn
Definition: hba.h:116
HbaLine::ldapscope
int ldapscope
Definition: hba.h:121
HbaLine::ip_cmp_method
IPCompareMethod ip_cmp_method
Definition: hba.h:106
HbaLine::ldaptls
bool ldaptls
Definition: hba.h:112
HbaLine::radiusservers_s
char * radiusservers_s
Definition: hba.h:131
HbaLine::radiusidentifiers_s
char * radiusidentifiers_s
Definition: hba.h:135
IdentLine
Definition: hba.h:141
List
Definition: pg_list.h:54
ReturnSetInfo::setDesc
TupleDesc setDesc
Definition: execnodes.h:333
ReturnSetInfo::setResult
Tuplestorestate * setResult
Definition: execnodes.h:332
TokenizedAuthLine::line_num
int line_num
Definition: hba.h:162
TokenizedAuthLine::file_name
char * file_name
Definition: hba.h:161
TokenizedAuthLine::err_msg
char * err_msg
Definition: hba.h:164
index
Definition: type.h:95
tuplestore_puttuple
void tuplestore_puttuple(Tuplestorestate *state, HeapTuple tuple)
Definition: tuplestore.c:730