author | Daniel Gustafsson <dgustafsson@postgresql.org> | 2024-03-21 14:45:46 +0100 |
---|---|---|
committer | Daniel Gustafsson <dgustafsson@postgresql.org> | 2024-03-21 14:45:46 +0100 |
commit | 24178e235ea56aca9233e640dd7ff9b17e858b07 (patch) | |
tree | ad742fd421ec645cb510af69bc04f04975dac3c2 /src/interfaces/libpq/fe-auth-sasl.h | |
parent | 1db689715d44276407dc4d6fadbc11da8d391bd9 (diff) |
Refactor SASL exchange to return tri-state status
The SASL exchange callback returned state in two output variables:
done and success. This refactors that logic by introducing a new
return variable of type SASLStatus which makes the code easier to
read and understand, and prepares for future SASL exchanges which
operate asynchronously.
This was extracted from a larger patchset to introduce OAuthBearer
authentication and authorization.
Author: Jacob Champion <jacob.champion@enterprisedb.com>
Discussion: https://postgr.es/m/d1b467a78e0e36ed85a09adf979d04cf124a9d4b.camel@vmware.com
Diffstat (limited to 'src/interfaces/libpq/fe-auth-sasl.h')
-rw-r--r-- | src/interfaces/libpq/fe-auth-sasl.h | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/src/interfaces/libpq/fe-auth-sasl.h b/src/interfaces/libpq/fe-auth-sasl.h
index ee5d1525b55..4eecf53a150 100644
--- a/src/interfaces/libpq/fe-auth-sasl.h
+++ b/src/interfaces/libpq/fe-auth-sasl.h
@@ -22,6 +22,17 @@
 #include "libpq-fe.h"

 /*
+ * Possible states for the SASL exchange, see the comment on exchange for an
+ * explanation of these.
+ */
+typedef enum
+{
+ SASL_COMPLETE = 0,
+ SASL_FAILED,
+ SASL_CONTINUE,
+} SASLStatus;
+
+/*
 * Frontend SASL mechanism callbacks.
 *
 * To implement a frontend mechanism, declare a pg_be_sasl_mech struct with
@@ -59,7 +70,8 @@ typedef struct pg_fe_sasl_mech
 * Produces a client response to a server challenge. As a special case
 * for client-first SASL mechanisms, exchange() is called with a NULL
 * server response once at the start of the authentication exchange to
- * generate an initial response.
+ * generate an initial response. Returns a SASLStatus indicating the
+ * state and status of the exchange.
 *
 * Input parameters:
 *
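Review bot: In the SASLStatus enum added by the first hunk, `SASL_COMPLETE = 0` makes success the value that zero-initialised storage or a stray `return 0;` in a mechanism callback yields, so an implementation mistake would read as a completed authentication exchange instead of a failure. For an authentication status it is safer to fail closed by putting the failure state at zero: `SASL_FAILED = 0,` `SASL_COMPLETE,` `SASL_CONTINUE,`. The callers are not visible in this header, so this assumes they compare against the named constants and do not depend on the numeric values.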
@@ -79,22 +91,23 @@ typedef struct pg_fe_sasl_mech
 *
 * output: A malloc'd buffer containing the client's response to
 * the server (can be empty), or NULL if the exchange should
- * be aborted. (*success should be set to false in the
+ * be aborted. (The callback should return SASL_FAILED in the
 * latter case.)
 *
 * outputlen: The length (0 or higher) of the client response buffer,
 * ignored if output is NULL.
 *
- * done: Set to true if the SASL exchange should not continue,
- * because the exchange is either complete or failed
+ * Return value:
 *
- * success: Set to true if the SASL exchange completed successfully.
- * Ignored if *done is false.
+ * SASL_CONTINUE: The output buffer is filled with a client response.
+ * Additional server challenge is expected
+ * SASL_COMPLETE: The SASL exchange has completed successfully.
+ * SASL_FAILED: The exchange has failed and the connection should be
+ * dropped.
 *--------
 */
- void (*exchange) (void *state, char *input, int inputlen,
- char **output, int *outputlen,
- bool *done, bool *success);
+ SASLStatus (*exchange) (void *state, char *input, int inputlen,
+ char **output, int *outputlen);

 /*--------
 * channel_bound() |
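Review bot: The revised exchange() contract leaves two failure signals that can disagree: a NULL `output` and the `SASL_FAILED` return value, linked only by "should" in the description of `output`. The comment should state that the return value is authoritative and say what the caller does with a non-NULL `*output` when SASL_FAILED is returned; otherwise a mechanism that fills the buffer and then fails may leak it or have a partial response sent. A sentence such as `Any output buffer is ignored on SASL_FAILED and released by the caller.` would close the gap, if that matches the caller, which is not visible here. It would also help to say whether `*output` may carry a final response together with SASL_COMPLETE, and the SASL_CONTINUE text is missing its full stop after "expected". The pg_fe_sasl_mech struct starts and ends outside this hunk.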