hba

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package hba implements an hba.conf parser.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AnyAddr 

type AnyAddr struct{}

AnyAddr represents "any address" and is used when parsing "all" for the "Address" field.

func (AnyAddr) String 

func (AnyAddr) String() string

String implements the fmt.Stringer interface.

type Conf 

type Conf struct {
	Entries []Entry
}

Conf is a parsed configuration.

func Parse 

func Parse(input string) (*Conf, error)

Parse parses the provided HBA configuration.

func ParseAndNormalize 

func ParseAndNormalize(val string) (*Conf, error)

ParseAndNormalize parses the HBA configuration from the provided string and performs two tasks:

  • it unicode-normalizes the usernames. Since usernames are initialized during pgwire session initialization, this ensures that string comparisons can be used to match usernames.
  • it ensures there is one entry per username. This simplifies the code in the authentication logic.

func (Conf) String 

func (c Conf) String() string

String implements the fmt.Stringer interface.

type ConnType 

type ConnType int

ConnType represents the type of connection matched by a rule. 

const (
	// ConnLocal matches unix socket connections.
	ConnLocal ConnType = 1 << iota
	// ConnHostNoSSL matches TCP connections without SSL/TLS.
	ConnHostNoSSL
	// ConnHostSSL matches TCP connections with SSL/TLS.
	ConnHostSSL

	// ConnHostAny matches TCP connections with or without SSL/TLS.
	ConnHostAny = ConnHostNoSSL | ConnHostSSL

	// ConnAny matches any connection type. Used when registering auth
	// methods.
	ConnAny = ConnHostAny | ConnLocal
)

func ParseConnType 

func ParseConnType(s string) (ConnType, error)

ParseConnType parses the connection type field.

func (ConnType) String 

func (t ConnType) String() string

String implements the fmt.Stringer interface.

type Entry 

type Entry struct {
	// ConnType is the connection type to match.
	ConnType ConnType
	// Database is the list of databases to match. An empty list means
	// "match any database".
	Database []String
	// User is the list of users to match. An empty list means "match
	// any user".
	User []String
	// Address is either AnyAddr, *net.IPNet or (unsupported) String for a hostname.
	Address interface{}
	Method  String
	// MethodFn is populated during name resolution of Method.
	MethodFn     interface{}
	Options      [][2]string
	OptionQuotes []bool
	// Input is the original configuration line in the HBA configuration string.
	// This is used for auditing purposes.
	Input string
	// Generated is true if the entry was expanded from another. All the
	// generated entries share the same value for Input.
	Generated bool
}

Entry is a single line of a configuration.

func (Entry) AddressMatches 

func (h Entry) AddressMatches(addr net.IP) (bool, error)

AddressMatches returns true iff the provided address matches the entry. The function assumes the entry was normalized already. See ParseAndNormalize.

func (Entry) AddressString 

func (h Entry) AddressString() string

AddressString returns a string that describes the address field.

func (Entry) ConnMatches 

func (h Entry) ConnMatches(clientConn ConnType, ip net.IP) (bool, error)

ConnMatches returns true iff the provided client connection type and address matches the entry spec.

func (Entry) ConnTypeMatches 

func (h Entry) ConnTypeMatches(clientConn ConnType) bool

ConnTypeMatches returns true iff the provided actual client connection type matches the connection type specified in the rule.

func (Entry) DatabaseString 

func (h Entry) DatabaseString() string

DatabaseString returns a string that describes the database field.

func (Entry) Equivalent 

func (h Entry) Equivalent(other Entry) bool

Equivalent returns true iff the entry is equivalent to another, excluding the original syntax.

func (Entry) GetOption 

func (h Entry) GetOption(name string) string

GetOption returns the value of option name if there is exactly one occurrence of name in the options list, otherwise the empty string.

func (Entry) GetOptions 

func (h Entry) GetOptions(name string) []string

GetOptions returns all values of option name.

func (Entry) OptionsString 

func (h Entry) OptionsString() string

OptionsString returns a string that describes the option field.

func (Entry) String 

func (h Entry) String() string

String implements the fmt.Stringer interface.

func (Entry) UserMatches 

func (h Entry) UserMatches(userName security.SQLUsername) bool

UserMatches returns true iff the provided username matches an entry in the User list or if the user list is empty (the entry matches all).

The provided username must be normalized already. The function assumes the entry was normalized to contain only one user and its username normalized. See ParseAndNormalize().

func (Entry) UserString 

func (h Entry) UserString() string

UserString returns a string that describes the username field.

type String 

type String struct {
	Value  string
	Quoted bool
}

String is a possibly quoted string.

func (String) Empty 

func (s String) Empty() bool

Empty returns true iff s is the unquoted empty string.

func (String) IsKeyword 

func (s String) IsKeyword(v string) bool

IsKeyword returns whether s is the non-quoted string v.

func (String) String 

func (s String) String() string

String implements the fmt.Stringer interface.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.