database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-11 10:01:57 +03:00
Code Activity

pgindent run for 8.2.

Browse Source
This commit is contained in:
Bruce Momjian
2006-10-04 00:30:14 +00:00
parent 451e419e98
commit f99a569a2e
522 changed files with 21297 additions and 17170 deletions
Download Patch File Download Diff File Expand all files Collapse all files

249
src/backend/libpq/auth.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.143 2006/10/03 21:21:36 momjian Exp $
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.144 2006/10/04 00:29:53 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@ -75,16 +75,17 @@ static Port *pam_port_cludge; /* Workaround for passing "Port *port" into
#include <winldap.h>
/* Correct header from the Platform SDK */
typedef ULONG (*__ldap_start_tls_sA)(
IN PLDAP ExternalHandle,
OUT PULONG ServerReturnValue,
OUT LDAPMessage **result,
IN PLDAPControlA *ServerControls,
IN PLDAPControlA *ClientControls
typedef
ULONG(*__ldap_start_tls_sA) (
IN PLDAP ExternalHandle,
OUT PULONG ServerReturnValue,
OUT LDAPMessage ** result,
IN PLDAPControlA * ServerControls,
IN PLDAPControlA * ClientControls
);
#endif
static int CheckLDAPAuth(Port *port);
static int CheckLDAPAuth(Port *port);
#endif
@ -347,9 +348,9 @@ auth_failed(Port *port, int status)
break;
#endif /* USE_PAM */
#ifdef USE_LDAP
case uaLDAP:
errstr = gettext_noop("LDAP authentication failed for user \"%s\"");
break;
case uaLDAP:
errstr = gettext_noop("LDAP authentication failed for user \"%s\"");
break;
#endif /* USE_LDAP */
default:
errstr = gettext_noop("authentication failed for user \"%s\": invalid authentication method");
@ -480,9 +481,9 @@ ClientAuthentication(Port *port)
#endif /* USE_PAM */
#ifdef USE_LDAP
case uaLDAP:
status = CheckLDAPAuth(port);
break;
case uaLDAP:
status = CheckLDAPAuth(port);
break;
#endif
case uaTrust:
@ -709,100 +710,102 @@ CheckPAMAuth(Port *port, char *user, char *password)
static int
CheckLDAPAuth(Port *port)
{
char *passwd;
char server[128];
char basedn[128];
char prefix[128];
char suffix[128];
LDAP *ldap;
int ssl = 0;
int r;
int ldapversion = LDAP_VERSION3;
int ldapport = LDAP_PORT;
char fulluser[128];
char *passwd;
char server[128];
char basedn[128];
char prefix[128];
char suffix[128];
LDAP *ldap;
int ssl = 0;
int r;
int ldapversion = LDAP_VERSION3;
int ldapport = LDAP_PORT;
char fulluser[128];
if (!port->auth_arg || port->auth_arg[0] == '\0')
{
ereport(LOG,
(errmsg("LDAP configuration URL not specified")));
return STATUS_ERROR;
}
if (!port->auth_arg || port->auth_arg[0] == '\0')
{
ereport(LOG,
(errmsg("LDAP configuration URL not specified")));
return STATUS_ERROR;
}
/*
* Crack the LDAP url. We do a very trivial parse..
* ldap[s]://<server>[:<port>]/<basedn>[;prefix[;suffix]]
*/
/*
* Crack the LDAP url. We do a very trivial parse..
* ldap[s]://<server>[:<port>]/<basedn>[;prefix[;suffix]]
*/
server[0] = '\0';
basedn[0] = '\0';
prefix[0] = '\0';
suffix[0] = '\0';
server[0] = '\0';
basedn[0] = '\0';
prefix[0] = '\0';
suffix[0] = '\0';
/* ldap, including port number */
r = sscanf(port->auth_arg,
"ldap://%127[^:]:%i/%127[^;];%127[^;];%127s",
server, &ldapport, basedn, prefix, suffix);
if (r < 3)
{
/* ldaps, including port number */
r = sscanf(port->auth_arg,
"ldaps://%127[^:]:%i/%127[^;];%127[^;];%127s",
server, &ldapport, basedn, prefix, suffix);
if (r >=3) ssl = 1;
}
if (r < 3)
{
/* ldap, no port number */
r = sscanf(port->auth_arg,
"ldap://%127[^/]/%127[^;];%127[^;];%127s",
server, basedn, prefix, suffix);
}
if (r < 2)
{
/* ldaps, no port number */
r = sscanf(port->auth_arg,
"ldaps://%127[^/]/%127[^;];%127[^;];%127s",
server, basedn, prefix, suffix);
if (r >= 2) ssl = 1;
}
if (r < 2)
{
ereport(LOG,
(errmsg("invalid LDAP URL: \"%s\"",
/* ldap, including port number */
r = sscanf(port->auth_arg,
"ldap://%127[^:]:%i/%127[^;];%127[^;];%127s",
server, &ldapport, basedn, prefix, suffix);
if (r < 3)
{
/* ldaps, including port number */
r = sscanf(port->auth_arg,
"ldaps://%127[^:]:%i/%127[^;];%127[^;];%127s",
server, &ldapport, basedn, prefix, suffix);
if (r >= 3)
ssl = 1;
}
if (r < 3)
{
/* ldap, no port number */
r = sscanf(port->auth_arg,
"ldap://%127[^/]/%127[^;];%127[^;];%127s",
server, basedn, prefix, suffix);
}
if (r < 2)
{
/* ldaps, no port number */
r = sscanf(port->auth_arg,
"ldaps://%127[^/]/%127[^;];%127[^;];%127s",
server, basedn, prefix, suffix);
if (r >= 2)
ssl = 1;
}
if (r < 2)
{
ereport(LOG,
(errmsg("invalid LDAP URL: \"%s\"",
port->auth_arg)));
return STATUS_ERROR;
}
return STATUS_ERROR;
}
sendAuthRequest(port, AUTH_REQ_PASSWORD);
passwd = recv_password_packet(port);
if (passwd == NULL)
return STATUS_EOF; /* client wouldn't send password */
ldap = ldap_init(server, ldapport);
if (!ldap)
{
sendAuthRequest(port, AUTH_REQ_PASSWORD);
passwd = recv_password_packet(port);
if (passwd == NULL)
return STATUS_EOF; /* client wouldn't send password */
ldap = ldap_init(server, ldapport);
if (!ldap)
{
#ifndef WIN32
ereport(LOG,
(errmsg("could not initialize LDAP: error code %d",
errno)));
ereport(LOG,
(errmsg("could not initialize LDAP: error code %d",
errno)));
#else
ereport(LOG,
(errmsg("could not initialize LDAP: error code %d",
(int) LdapGetLastError())));
ereport(LOG,
(errmsg("could not initialize LDAP: error code %d",
(int) LdapGetLastError())));
#endif
return STATUS_ERROR;
}
return STATUS_ERROR;
}
if ((r = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldapversion)) != LDAP_SUCCESS)
{
ereport(LOG,
(errmsg("could not set LDAP protocol version: error code %d", r)));
return STATUS_ERROR;
}
if (ssl)
{
if ((r = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldapversion)) != LDAP_SUCCESS)
{
ereport(LOG,
(errmsg("could not set LDAP protocol version: error code %d", r)));
return STATUS_ERROR;
}
if (ssl)
{
#ifndef WIN32
if ((r = ldap_start_tls_s(ldap, NULL, NULL)) != LDAP_SUCCESS)
#else
@ -815,17 +818,20 @@ CheckLDAPAuth(Port *port)
* exist on Windows 2000, and causes a load error for the whole
* exe if referenced.
*/
HANDLE ldaphandle;
HANDLE ldaphandle;
ldaphandle = LoadLibrary("WLDAP32.DLL");
if (ldaphandle == NULL)
{
/* should never happen since we import other files from wldap32, but check anyway */
/*
* should never happen since we import other files from
* wldap32, but check anyway
*/
ereport(LOG,
(errmsg("could not load wldap32.dll")));
return STATUS_ERROR;
}
_ldap_start_tls_sA = (__ldap_start_tls_sA)GetProcAddress(ldaphandle, "ldap_start_tls_sA");
_ldap_start_tls_sA = (__ldap_start_tls_sA) GetProcAddress(ldaphandle, "ldap_start_tls_sA");
if (_ldap_start_tls_sA == NULL)
{
ereport(LOG,
@ -839,33 +845,32 @@ CheckLDAPAuth(Port *port)
* process and is automatically cleaned up on process exit.
*/
}
if ((r = _ldap_start_tls_sA(ldap, NULL, NULL, NULL, NULL)) != LDAP_SUCCESS)
if ((r = _ldap_start_tls_sA(ldap, NULL, NULL, NULL, NULL)) != LDAP_SUCCESS)
#endif
{
ereport(LOG,
(errmsg("could not start LDAP TLS session: error code %d", r)));
return STATUS_ERROR;
}
}
{
ereport(LOG,
(errmsg("could not start LDAP TLS session: error code %d", r)));
return STATUS_ERROR;
}
}
snprintf(fulluser, sizeof(fulluser)-1, "%s%s%s",
snprintf(fulluser, sizeof(fulluser) - 1, "%s%s%s",
prefix, port->user_name, suffix);
fulluser[sizeof(fulluser)-1] = '\0';
fulluser[sizeof(fulluser) - 1] = '\0';
r = ldap_simple_bind_s(ldap, fulluser, passwd);
ldap_unbind(ldap);
r = ldap_simple_bind_s(ldap, fulluser, passwd);
ldap_unbind(ldap);
if (r != LDAP_SUCCESS)
{
ereport(LOG,
(errmsg("LDAP login failed for user \"%s\" on server \"%s\": error code %d",
if (r != LDAP_SUCCESS)
{
ereport(LOG,
(errmsg("LDAP login failed for user \"%s\" on server \"%s\": error code %d",
fulluser, server, r)));
return STATUS_ERROR;
}
return STATUS_OK;
}
return STATUS_ERROR;
}
return STATUS_OK;
}
#endif /* USE_LDAP */
/*