diff options
| author | Michael Paquier <michael@paquier.xyz> | 2021-07-07 10:55:15 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2021-07-07 10:55:15 +0900 |
| commit | 9fd85570d179f10f93344d722005f7086b3c31ca (patch) | |
| tree | a678636aee49619b4e69f45a67df6f9498d59104 /src/interfaces/libpq/fe-auth-scram.c | |
| parent | 955b3e0f9269639fb916cee3dea37aee50b82df0 (diff) | |
Refactor SASL code with a generic interface for its mechanisms
The code of SCRAM and SASL have been tightly linked together since SCRAM
exists in the core code, making hard to apprehend the addition of new
SASL mechanisms, but these are by design different facilities, with
SCRAM being an option for SASL. This refactors the code related to both
so as the backend and the frontend use a set of callbacks for SASL
mechanisms, documenting while on it what is expected by anybody adding a
new SASL mechanism.
The separation between both layers is neat, using two sets of callbacks
for the frontend and the backend to mark the frontier between both
facilities. The shape of the callbacks is now directly inspired from
the routines used by SCRAM, so the code change is straight-forward, and
the SASL code is moved into its own set of files. These will likely
change depending on how and if new SASL mechanisms get added in the
future.
Author: Jacob Champion
Reviewed-by: Michael Paquier
Discussion: https://postgr.es/m/3d2a6f5d50e741117d6baf83eb67ebf1a8a35a11.camel@vmware.com
Diffstat (limited to 'src/interfaces/libpq/fe-auth-scram.c')
| -rw-r--r-- | src/interfaces/libpq/fe-auth-scram.c | 40 |
1 files changed, 28 insertions, 12 deletions
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c index 5881386e374..4337e89ce95 100644 --- a/src/interfaces/libpq/fe-auth-scram.c +++ b/src/interfaces/libpq/fe-auth-scram.c @@ -21,6 +21,22 @@ #include "fe-auth.h" +/* The exported SCRAM callback mechanism. */ +static void *scram_init(PGconn *conn, const char *password, + const char *sasl_mechanism); +static void scram_exchange(void *opaq, char *input, int inputlen, + char **output, int *outputlen, + bool *done, bool *success); +static bool scram_channel_bound(void *opaq); +static void scram_free(void *opaq); + +const pg_fe_sasl_mech pg_scram_mech = { + scram_init, + scram_exchange, + scram_channel_bound, + scram_free +}; + /* * Status of exchange messages used for SCRAM authentication via the * SASL protocol. @@ -72,10 +88,10 @@ static bool calculate_client_proof(fe_scram_state *state, /* * Initialize SCRAM exchange status. */ -void * -pg_fe_scram_init(PGconn *conn, - const char *password, - const char *sasl_mechanism) +static void * +scram_init(PGconn *conn, + const char *password, + const char *sasl_mechanism) { fe_scram_state *state; char *prep_password; @@ -128,8 +144,8 @@ pg_fe_scram_init(PGconn *conn, * Note that the caller must also ensure that the exchange was actually * successful. */ -bool -pg_fe_scram_channel_bound(void *opaq) +static bool +scram_channel_bound(void *opaq) { fe_scram_state *state = (fe_scram_state *) opaq; @@ -152,8 +168,8 @@ pg_fe_scram_channel_bound(void *opaq) /* * Free SCRAM exchange status */ -void -pg_fe_scram_free(void *opaq) +static void +scram_free(void *opaq) { fe_scram_state *state = (fe_scram_state *) opaq; @@ -188,10 +204,10 @@ pg_fe_scram_free(void *opaq) /* * Exchange a SCRAM message with backend. */ -void -pg_fe_scram_exchange(void *opaq, char *input, int inputlen, - char **output, int *outputlen, - bool *done, bool *success) +static void +scram_exchange(void *opaq, char *input, int inputlen, + char **output, int *outputlen, + bool *done, bool *success) { fe_scram_state *state = (fe_scram_state *) opaq; PGconn *conn = state->conn; |