mirror of
https://github.com/postgres/postgres.git
synced 2025-06-16 06:01:02 +03:00
Refactor code handling the names of files loaded in hba.c
This has the advantage to limit the presence of the GUC values hba_file and ident_file to the code paths where these files are loaded, easing the introduction of an upcoming feature aimed at adding inclusion logic for files and directories in HBA and ident files. Note that this needs the addition of the source file name to HbaLine, in addition to the line number, which is something needed by the backend in two places of auth.c (authentication failure details and auth_id log when log_connections is enabled). While on it, adjust a log generated on authentication failure to report the name of the actual HBA file on which the connection attempt matched, where the line number and the raw line written in the HBA file were already included. This was previously hardcoded as pg_hba.conf, which would be incorrect when a custom value is used at postmaster startup for the GUC hba_file. Extracted from a larger patch by the same author. Author: Julien Rouhaud Discussion: https://postgr.es/m/20220223045959.35ipdsvbxcstrhya@jrouhaud
This commit is contained in:
Michael Paquier
@ -307,8 +307,9 @@ auth_failed(Port *port, int status, const char *logdetail)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
cdetail = psprintf(_("Connection matched pg_hba.conf line %d: \"%s\""),
|
cdetail = psprintf(_("Connection matched %s line %d: \"%s\""),
|
||||||
port->hba->linenumber, port->hba->rawline);
|
port->hba->sourcefile, port->hba->linenumber,
|
||||||
|
port->hba->rawline);
|
||||||
if (logdetail)
|
if (logdetail)
|
||||||
logdetail = psprintf("%s\n%s", logdetail, cdetail);
|
logdetail = psprintf("%s\n%s", logdetail, cdetail);
|
||||||
else
|
else
|
||||||
@ -365,7 +366,7 @@ set_authn_id(Port *port, const char *id)
|
|||||||
"(%s:%d)",
|
"(%s:%d)",
|
||||||
MyClientConnectionInfo.authn_id,
|
MyClientConnectionInfo.authn_id,
|
||||||
hba_authname(MyClientConnectionInfo.auth_method),
|
hba_authname(MyClientConnectionInfo.auth_method),
|
||||||
HbaFileName, port->hba->linenumber));
|
port->hba->sourcefile, port->hba->linenumber));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -641,6 +641,7 @@ tokenize_auth_file(const char *filename, FILE *file, List **tok_lines,
|
|||||||
|
|
||||||
tok_line = (TokenizedAuthLine *) palloc(sizeof(TokenizedAuthLine));
|
tok_line = (TokenizedAuthLine *) palloc(sizeof(TokenizedAuthLine));
|
||||||
tok_line->fields = current_line;
|
tok_line->fields = current_line;
|
||||||
|
tok_line->file_name = pstrdup(filename);
|
||||||
tok_line->line_num = line_number;
|
tok_line->line_num = line_number;
|
||||||
tok_line->raw_line = pstrdup(buf.data);
|
tok_line->raw_line = pstrdup(buf.data);
|
||||||
tok_line->err_msg = err_msg;
|
tok_line->err_msg = err_msg;
|
||||||
@ -984,7 +985,7 @@ do { \
|
|||||||
errmsg("authentication option \"%s\" is only valid for authentication methods %s", \
|
errmsg("authentication option \"%s\" is only valid for authentication methods %s", \
|
||||||
optname, _(validmethods)), \
|
optname, _(validmethods)), \
|
||||||
errcontext("line %d of configuration file \"%s\"", \
|
errcontext("line %d of configuration file \"%s\"", \
|
||||||
line_num, HbaFileName))); \
|
line_num, file_name))); \
|
||||||
*err_msg = psprintf("authentication option \"%s\" is only valid for authentication methods %s", \
|
*err_msg = psprintf("authentication option \"%s\" is only valid for authentication methods %s", \
|
||||||
optname, validmethods); \
|
optname, validmethods); \
|
||||||
return false; \
|
return false; \
|
||||||
@ -1004,7 +1005,7 @@ do { \
|
|||||||
errmsg("authentication method \"%s\" requires argument \"%s\" to be set", \
|
errmsg("authentication method \"%s\" requires argument \"%s\" to be set", \
|
||||||
authname, argname), \
|
authname, argname), \
|
||||||
errcontext("line %d of configuration file \"%s\"", \
|
errcontext("line %d of configuration file \"%s\"", \
|
||||||
line_num, HbaFileName))); \
|
line_num, file_name))); \
|
||||||
*err_msg = psprintf("authentication method \"%s\" requires argument \"%s\" to be set", \
|
*err_msg = psprintf("authentication method \"%s\" requires argument \"%s\" to be set", \
|
||||||
authname, argname); \
|
authname, argname); \
|
||||||
return NULL; \
|
return NULL; \
|
||||||
@ -1027,7 +1028,7 @@ do { \
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR), \
|
(errcode(ERRCODE_CONFIG_FILE_ERROR), \
|
||||||
errmsg("missing entry at end of line"), \
|
errmsg("missing entry at end of line"), \
|
||||||
errcontext("line %d of configuration file \"%s\"", \
|
errcontext("line %d of configuration file \"%s\"", \
|
||||||
line_num, IdentFileName))); \
|
line_num, file_name))); \
|
||||||
*err_msg = pstrdup("missing entry at end of line"); \
|
*err_msg = pstrdup("missing entry at end of line"); \
|
||||||
return NULL; \
|
return NULL; \
|
||||||
} \
|
} \
|
||||||
@ -1040,7 +1041,7 @@ do { \
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR), \
|
(errcode(ERRCODE_CONFIG_FILE_ERROR), \
|
||||||
errmsg("multiple values in ident field"), \
|
errmsg("multiple values in ident field"), \
|
||||||
errcontext("line %d of configuration file \"%s\"", \
|
errcontext("line %d of configuration file \"%s\"", \
|
||||||
line_num, IdentFileName))); \
|
line_num, file_name))); \
|
||||||
*err_msg = pstrdup("multiple values in ident field"); \
|
*err_msg = pstrdup("multiple values in ident field"); \
|
||||||
return NULL; \
|
return NULL; \
|
||||||
} \
|
} \
|
||||||
@ -1063,6 +1064,7 @@ HbaLine *
|
|||||||
parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
||||||
{
|
{
|
||||||
int line_num = tok_line->line_num;
|
int line_num = tok_line->line_num;
|
||||||
|
char *file_name = tok_line->file_name;
|
||||||
char **err_msg = &tok_line->err_msg;
|
char **err_msg = &tok_line->err_msg;
|
||||||
char *str;
|
char *str;
|
||||||
struct addrinfo *gai_result;
|
struct addrinfo *gai_result;
|
||||||
@ -1077,6 +1079,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
HbaLine *parsedline;
|
HbaLine *parsedline;
|
||||||
|
|
||||||
parsedline = palloc0(sizeof(HbaLine));
|
parsedline = palloc0(sizeof(HbaLine));
|
||||||
|
parsedline->sourcefile = pstrdup(tok_line->file_name);
|
||||||
parsedline->linenumber = line_num;
|
parsedline->linenumber = line_num;
|
||||||
parsedline->rawline = pstrdup(tok_line->raw_line);
|
parsedline->rawline = pstrdup(tok_line->raw_line);
|
||||||
|
|
||||||
@ -1091,7 +1094,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("multiple values specified for connection type"),
|
errmsg("multiple values specified for connection type"),
|
||||||
errhint("Specify exactly one connection type per line."),
|
errhint("Specify exactly one connection type per line."),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "multiple values specified for connection type";
|
*err_msg = "multiple values specified for connection type";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1119,7 +1122,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("hostssl record cannot match because SSL is disabled"),
|
errmsg("hostssl record cannot match because SSL is disabled"),
|
||||||
errhint("Set ssl = on in postgresql.conf."),
|
errhint("Set ssl = on in postgresql.conf."),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "hostssl record cannot match because SSL is disabled";
|
*err_msg = "hostssl record cannot match because SSL is disabled";
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
@ -1127,7 +1130,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("hostssl record cannot match because SSL is not supported by this build"),
|
errmsg("hostssl record cannot match because SSL is not supported by this build"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "hostssl record cannot match because SSL is not supported by this build";
|
*err_msg = "hostssl record cannot match because SSL is not supported by this build";
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -1139,7 +1142,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("hostgssenc record cannot match because GSSAPI is not supported by this build"),
|
errmsg("hostgssenc record cannot match because GSSAPI is not supported by this build"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "hostgssenc record cannot match because GSSAPI is not supported by this build";
|
*err_msg = "hostgssenc record cannot match because GSSAPI is not supported by this build";
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -1160,7 +1163,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid connection type \"%s\"",
|
errmsg("invalid connection type \"%s\"",
|
||||||
token->string),
|
token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid connection type \"%s\"", token->string);
|
*err_msg = psprintf("invalid connection type \"%s\"", token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1173,7 +1176,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("end-of-line before database specification"),
|
errmsg("end-of-line before database specification"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "end-of-line before database specification";
|
*err_msg = "end-of-line before database specification";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1184,7 +1187,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
AuthToken *tok = copy_auth_token(lfirst(tokencell));
|
AuthToken *tok = copy_auth_token(lfirst(tokencell));
|
||||||
|
|
||||||
/* Compile a regexp for the database token, if necessary */
|
/* Compile a regexp for the database token, if necessary */
|
||||||
if (regcomp_auth_token(tok, HbaFileName, line_num, err_msg, elevel))
|
if (regcomp_auth_token(tok, file_name, line_num, err_msg, elevel))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
parsedline->databases = lappend(parsedline->databases, tok);
|
parsedline->databases = lappend(parsedline->databases, tok);
|
||||||
@ -1198,7 +1201,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("end-of-line before role specification"),
|
errmsg("end-of-line before role specification"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "end-of-line before role specification";
|
*err_msg = "end-of-line before role specification";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1209,7 +1212,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
AuthToken *tok = copy_auth_token(lfirst(tokencell));
|
AuthToken *tok = copy_auth_token(lfirst(tokencell));
|
||||||
|
|
||||||
/* Compile a regexp from the role token, if necessary */
|
/* Compile a regexp from the role token, if necessary */
|
||||||
if (regcomp_auth_token(tok, HbaFileName, line_num, err_msg, elevel))
|
if (regcomp_auth_token(tok, file_name, line_num, err_msg, elevel))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
parsedline->roles = lappend(parsedline->roles, tok);
|
parsedline->roles = lappend(parsedline->roles, tok);
|
||||||
@ -1225,7 +1228,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("end-of-line before IP address specification"),
|
errmsg("end-of-line before IP address specification"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "end-of-line before IP address specification";
|
*err_msg = "end-of-line before IP address specification";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1237,7 +1240,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("multiple values specified for host address"),
|
errmsg("multiple values specified for host address"),
|
||||||
errhint("Specify one address range per line."),
|
errhint("Specify one address range per line."),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "multiple values specified for host address";
|
*err_msg = "multiple values specified for host address";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1296,7 +1299,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid IP address \"%s\": %s",
|
errmsg("invalid IP address \"%s\": %s",
|
||||||
str, gai_strerror(ret)),
|
str, gai_strerror(ret)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid IP address \"%s\": %s",
|
*err_msg = psprintf("invalid IP address \"%s\": %s",
|
||||||
str, gai_strerror(ret));
|
str, gai_strerror(ret));
|
||||||
if (gai_result)
|
if (gai_result)
|
||||||
@ -1316,7 +1319,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("specifying both host name and CIDR mask is invalid: \"%s\"",
|
errmsg("specifying both host name and CIDR mask is invalid: \"%s\"",
|
||||||
token->string),
|
token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("specifying both host name and CIDR mask is invalid: \"%s\"",
|
*err_msg = psprintf("specifying both host name and CIDR mask is invalid: \"%s\"",
|
||||||
token->string);
|
token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1330,7 +1333,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid CIDR mask in address \"%s\"",
|
errmsg("invalid CIDR mask in address \"%s\"",
|
||||||
token->string),
|
token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid CIDR mask in address \"%s\"",
|
*err_msg = psprintf("invalid CIDR mask in address \"%s\"",
|
||||||
token->string);
|
token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1350,7 +1353,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("end-of-line before netmask specification"),
|
errmsg("end-of-line before netmask specification"),
|
||||||
errhint("Specify an address range in CIDR notation, or provide a separate netmask."),
|
errhint("Specify an address range in CIDR notation, or provide a separate netmask."),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "end-of-line before netmask specification";
|
*err_msg = "end-of-line before netmask specification";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1361,7 +1364,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("multiple values specified for netmask"),
|
errmsg("multiple values specified for netmask"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "multiple values specified for netmask";
|
*err_msg = "multiple values specified for netmask";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1376,7 +1379,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid IP mask \"%s\": %s",
|
errmsg("invalid IP mask \"%s\": %s",
|
||||||
token->string, gai_strerror(ret)),
|
token->string, gai_strerror(ret)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid IP mask \"%s\": %s",
|
*err_msg = psprintf("invalid IP mask \"%s\": %s",
|
||||||
token->string, gai_strerror(ret));
|
token->string, gai_strerror(ret));
|
||||||
if (gai_result)
|
if (gai_result)
|
||||||
@ -1395,7 +1398,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("IP address and mask do not match"),
|
errmsg("IP address and mask do not match"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "IP address and mask do not match";
|
*err_msg = "IP address and mask do not match";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1411,7 +1414,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("end-of-line before authentication method"),
|
errmsg("end-of-line before authentication method"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "end-of-line before authentication method";
|
*err_msg = "end-of-line before authentication method";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1423,7 +1426,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("multiple values specified for authentication type"),
|
errmsg("multiple values specified for authentication type"),
|
||||||
errhint("Specify exactly one authentication type per line."),
|
errhint("Specify exactly one authentication type per line."),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "multiple values specified for authentication type";
|
*err_msg = "multiple values specified for authentication type";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1460,7 +1463,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled"),
|
errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "MD5 authentication is not supported when \"db_user_namespace\" is enabled";
|
*err_msg = "MD5 authentication is not supported when \"db_user_namespace\" is enabled";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1501,7 +1504,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid authentication method \"%s\"",
|
errmsg("invalid authentication method \"%s\"",
|
||||||
token->string),
|
token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid authentication method \"%s\"",
|
*err_msg = psprintf("invalid authentication method \"%s\"",
|
||||||
token->string);
|
token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1514,7 +1517,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
errmsg("invalid authentication method \"%s\": not supported by this build",
|
errmsg("invalid authentication method \"%s\": not supported by this build",
|
||||||
token->string),
|
token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid authentication method \"%s\": not supported by this build",
|
*err_msg = psprintf("invalid authentication method \"%s\": not supported by this build",
|
||||||
token->string);
|
token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1536,7 +1539,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("gssapi authentication is not supported on local sockets"),
|
errmsg("gssapi authentication is not supported on local sockets"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "gssapi authentication is not supported on local sockets";
|
*err_msg = "gssapi authentication is not supported on local sockets";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1548,7 +1551,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("peer authentication is only supported on local sockets"),
|
errmsg("peer authentication is only supported on local sockets"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "peer authentication is only supported on local sockets";
|
*err_msg = "peer authentication is only supported on local sockets";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1566,7 +1569,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("cert authentication is only supported on hostssl connections"),
|
errmsg("cert authentication is only supported on hostssl connections"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "cert authentication is only supported on hostssl connections";
|
*err_msg = "cert authentication is only supported on hostssl connections";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1616,7 +1619,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("authentication option not in name=value format: %s", token->string),
|
errmsg("authentication option not in name=value format: %s", token->string),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("authentication option not in name=value format: %s",
|
*err_msg = psprintf("authentication option not in name=value format: %s",
|
||||||
token->string);
|
token->string);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -1660,7 +1663,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("cannot use ldapbasedn, ldapbinddn, ldapbindpasswd, ldapsearchattribute, ldapsearchfilter, or ldapurl together with ldapprefix"),
|
errmsg("cannot use ldapbasedn, ldapbinddn, ldapbindpasswd, ldapsearchattribute, ldapsearchfilter, or ldapurl together with ldapprefix"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "cannot use ldapbasedn, ldapbinddn, ldapbindpasswd, ldapsearchattribute, ldapsearchfilter, or ldapurl together with ldapprefix";
|
*err_msg = "cannot use ldapbasedn, ldapbinddn, ldapbindpasswd, ldapsearchattribute, ldapsearchfilter, or ldapurl together with ldapprefix";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1671,7 +1674,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("authentication method \"ldap\" requires argument \"ldapbasedn\", \"ldapprefix\", or \"ldapsuffix\" to be set"),
|
errmsg("authentication method \"ldap\" requires argument \"ldapbasedn\", \"ldapprefix\", or \"ldapsuffix\" to be set"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "authentication method \"ldap\" requires argument \"ldapbasedn\", \"ldapprefix\", or \"ldapsuffix\" to be set";
|
*err_msg = "authentication method \"ldap\" requires argument \"ldapbasedn\", \"ldapprefix\", or \"ldapsuffix\" to be set";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1687,7 +1690,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("cannot use ldapsearchattribute together with ldapsearchfilter"),
|
errmsg("cannot use ldapsearchattribute together with ldapsearchfilter"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "cannot use ldapsearchattribute together with ldapsearchfilter";
|
*err_msg = "cannot use ldapsearchattribute together with ldapsearchfilter";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1704,7 +1707,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("list of RADIUS servers cannot be empty"),
|
errmsg("list of RADIUS servers cannot be empty"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "list of RADIUS servers cannot be empty";
|
*err_msg = "list of RADIUS servers cannot be empty";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1715,7 +1718,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("list of RADIUS secrets cannot be empty"),
|
errmsg("list of RADIUS secrets cannot be empty"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "list of RADIUS secrets cannot be empty";
|
*err_msg = "list of RADIUS secrets cannot be empty";
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1734,7 +1737,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
list_length(parsedline->radiussecrets),
|
list_length(parsedline->radiussecrets),
|
||||||
list_length(parsedline->radiusservers)),
|
list_length(parsedline->radiusservers)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("the number of RADIUS secrets (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
*err_msg = psprintf("the number of RADIUS secrets (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
||||||
list_length(parsedline->radiussecrets),
|
list_length(parsedline->radiussecrets),
|
||||||
list_length(parsedline->radiusservers));
|
list_length(parsedline->radiusservers));
|
||||||
@ -1750,7 +1753,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
list_length(parsedline->radiusports),
|
list_length(parsedline->radiusports),
|
||||||
list_length(parsedline->radiusservers)),
|
list_length(parsedline->radiusservers)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("the number of RADIUS ports (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
*err_msg = psprintf("the number of RADIUS ports (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
||||||
list_length(parsedline->radiusports),
|
list_length(parsedline->radiusports),
|
||||||
list_length(parsedline->radiusservers));
|
list_length(parsedline->radiusservers));
|
||||||
@ -1766,7 +1769,7 @@ parse_hba_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
list_length(parsedline->radiusidentifiers),
|
list_length(parsedline->radiusidentifiers),
|
||||||
list_length(parsedline->radiusservers)),
|
list_length(parsedline->radiusservers)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("the number of RADIUS identifiers (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
*err_msg = psprintf("the number of RADIUS identifiers (%d) must be 1 or the same as the number of RADIUS servers (%d)",
|
||||||
list_length(parsedline->radiusidentifiers),
|
list_length(parsedline->radiusidentifiers),
|
||||||
list_length(parsedline->radiusservers));
|
list_length(parsedline->radiusservers));
|
||||||
@ -1801,6 +1804,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
int elevel, char **err_msg)
|
int elevel, char **err_msg)
|
||||||
{
|
{
|
||||||
int line_num = hbaline->linenumber;
|
int line_num = hbaline->linenumber;
|
||||||
|
char *file_name = hbaline->sourcefile;
|
||||||
|
|
||||||
#ifdef USE_LDAP
|
#ifdef USE_LDAP
|
||||||
hbaline->ldapscope = LDAP_SCOPE_SUBTREE;
|
hbaline->ldapscope = LDAP_SCOPE_SUBTREE;
|
||||||
@ -1824,7 +1828,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("clientcert can only be configured for \"hostssl\" rows"),
|
errmsg("clientcert can only be configured for \"hostssl\" rows"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "clientcert can only be configured for \"hostssl\" rows";
|
*err_msg = "clientcert can only be configured for \"hostssl\" rows";
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -1841,7 +1845,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("clientcert only accepts \"verify-full\" when using \"cert\" authentication"),
|
errmsg("clientcert only accepts \"verify-full\" when using \"cert\" authentication"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "clientcert can only be set to \"verify-full\" when using \"cert\" authentication";
|
*err_msg = "clientcert can only be set to \"verify-full\" when using \"cert\" authentication";
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -1854,7 +1858,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("invalid value for clientcert: \"%s\"", val),
|
errmsg("invalid value for clientcert: \"%s\"", val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1866,7 +1870,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("clientname can only be configured for \"hostssl\" rows"),
|
errmsg("clientname can only be configured for \"hostssl\" rows"),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = "clientname can only be configured for \"hostssl\" rows";
|
*err_msg = "clientname can only be configured for \"hostssl\" rows";
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -1885,7 +1889,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("invalid value for clientname: \"%s\"", val),
|
errmsg("invalid value for clientname: \"%s\"", val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1971,7 +1975,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("invalid ldapscheme value: \"%s\"", val),
|
errmsg("invalid ldapscheme value: \"%s\"", val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
hbaline->ldapscheme = pstrdup(val);
|
hbaline->ldapscheme = pstrdup(val);
|
||||||
}
|
}
|
||||||
else if (strcmp(name, "ldapserver") == 0)
|
else if (strcmp(name, "ldapserver") == 0)
|
||||||
@ -1989,7 +1993,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("invalid LDAP port number: \"%s\"", val),
|
errmsg("invalid LDAP port number: \"%s\"", val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid LDAP port number: \"%s\"", val);
|
*err_msg = psprintf("invalid LDAP port number: \"%s\"", val);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -2083,7 +2087,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("could not parse RADIUS server list \"%s\"",
|
errmsg("could not parse RADIUS server list \"%s\"",
|
||||||
val),
|
val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2102,7 +2106,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("could not translate RADIUS server name \"%s\" to address: %s",
|
errmsg("could not translate RADIUS server name \"%s\" to address: %s",
|
||||||
(char *) lfirst(l), gai_strerror(ret)),
|
(char *) lfirst(l), gai_strerror(ret)),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
if (gai_result)
|
if (gai_result)
|
||||||
pg_freeaddrinfo_all(hints.ai_family, gai_result);
|
pg_freeaddrinfo_all(hints.ai_family, gai_result);
|
||||||
|
|
||||||
@ -2131,7 +2135,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("could not parse RADIUS port list \"%s\"",
|
errmsg("could not parse RADIUS port list \"%s\"",
|
||||||
val),
|
val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("invalid RADIUS port number: \"%s\"", val);
|
*err_msg = psprintf("invalid RADIUS port number: \"%s\"", val);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -2144,7 +2148,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
(errcode(ERRCODE_CONFIG_FILE_ERROR),
|
||||||
errmsg("invalid RADIUS port number: \"%s\"", val),
|
errmsg("invalid RADIUS port number: \"%s\"", val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -2167,7 +2171,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("could not parse RADIUS secret list \"%s\"",
|
errmsg("could not parse RADIUS secret list \"%s\"",
|
||||||
val),
|
val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2189,7 +2193,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("could not parse RADIUS identifiers list \"%s\"",
|
errmsg("could not parse RADIUS identifiers list \"%s\"",
|
||||||
val),
|
val),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2203,7 +2207,7 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
|
|||||||
errmsg("unrecognized authentication option name: \"%s\"",
|
errmsg("unrecognized authentication option name: \"%s\"",
|
||||||
name),
|
name),
|
||||||
errcontext("line %d of configuration file \"%s\"",
|
errcontext("line %d of configuration file \"%s\"",
|
||||||
line_num, HbaFileName)));
|
line_num, file_name)));
|
||||||
*err_msg = psprintf("unrecognized authentication option name: \"%s\"",
|
*err_msg = psprintf("unrecognized authentication option name: \"%s\"",
|
||||||
name);
|
name);
|
||||||
return false;
|
return false;
|
||||||
@ -2460,6 +2464,7 @@ IdentLine *
|
|||||||
parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
|
parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
|
||||||
{
|
{
|
||||||
int line_num = tok_line->line_num;
|
int line_num = tok_line->line_num;
|
||||||
|
char *file_name = tok_line->file_name;
|
||||||
char **err_msg = &tok_line->err_msg;
|
char **err_msg = &tok_line->err_msg;
|
||||||
ListCell *field;
|
ListCell *field;
|
||||||
List *tokens;
|
List *tokens;
|
||||||
@ -2500,7 +2505,7 @@ parse_ident_line(TokenizedAuthLine *tok_line, int elevel)
|
|||||||
* Now that the field validation is done, compile a regex from the user
|
* Now that the field validation is done, compile a regex from the user
|
||||||
* token, if necessary.
|
* token, if necessary.
|
||||||
*/
|
*/
|
||||||
if (regcomp_auth_token(parsedline->token, IdentFileName, line_num,
|
if (regcomp_auth_token(parsedline->token, file_name, line_num,
|
||||||
err_msg, elevel))
|
err_msg, elevel))
|
||||||
{
|
{
|
||||||
/* err_msg includes the error to report */
|
/* err_msg includes the error to report */
|
||||||
|
|||||||
@ -93,6 +93,7 @@ typedef struct AuthToken
|
|||||||
|
|
||||||
typedef struct HbaLine
|
typedef struct HbaLine
|
||||||
{
|
{
|
||||||
|
char *sourcefile;
|
||||||
int linenumber;
|
int linenumber;
|
||||||
char *rawline;
|
char *rawline;
|
||||||
ConnType conntype;
|
ConnType conntype;
|
||||||
@ -157,6 +158,7 @@ typedef struct IdentLine
|
|||||||
typedef struct TokenizedAuthLine
|
typedef struct TokenizedAuthLine
|
||||||
{
|
{
|
||||||
List *fields; /* List of lists of AuthTokens */
|
List *fields; /* List of lists of AuthTokens */
|
||||||
|
char *file_name; /* File name of origin */
|
||||||
int line_num; /* Line number */
|
int line_num; /* Line number */
|
||||||
char *raw_line; /* Raw line text */
|
char *raw_line; /* Raw line text */
|
||||||
char *err_msg; /* Error message if any */
|
char *err_msg; /* Error message if any */
|
||||||
|
|||||||
Reference in New Issue
Block a user