Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitc591300

Browse files
committed
Add rule_number to pg_hba_file_rules and map_number to pg_ident_file_mappings
These numbers are strictly-monotone identifiers assigned to each ruleof pg_hba_file_rules and each map of pg_ident_file_mappings when loadingthe HBA and ident configuration files, indicating the order in whichthey are checked at authentication time, until a match is found.With only one file loaded currently, this is equivalent to the linenumbers assigned to the entries loaded if one wants to know their order,but this becomes mandatory once the inclusion of external files isadded to the HBA and ident files to be able to know in which order therules and/or maps are applied at authentication. Note that NULL is usedwhen a HBA or ident entry cannot be parsed or validated, aka when anerror exists, contrary to the line number.Bump catalog version.Author: Julien RouhaudDiscussion:https://postgr.es/m/20220223045959.35ipdsvbxcstrhya@jrouhaud
1 parent37d2644 commitc591300

File tree

5 files changed

+74
-21
lines changed

5 files changed

+74
-21
lines changed

‎doc/src/sgml/system-views.sgml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -991,6 +991,17 @@
991991
</thead>
992992

993993
<tbody>
994+
<row>
995+
<entry role="catalog_table_entry"><para role="column_definition">
996+
<structfield>rule_number</structfield> <type>int4</type>
997+
</para>
998+
<para>
999+
Number of this rule, if valid, otherwise <literal>NULL</literal>.
1000+
This indicates the order in which each rule is considered
1001+
until a match is found during authentication.
1002+
</para></entry>
1003+
</row>
1004+
9941005
<row>
9951006
<entry role="catalog_table_entry"><para role="column_definition">
9961007
<structfield>line_number</structfield> <type>int4</type>
@@ -1131,6 +1142,16 @@
11311142
</thead>
11321143

11331144
<tbody>
1145+
<row>
1146+
<entry role="catalog_table_entry"><para role="column_definition">
1147+
<structfield>map_number</structfield> <type>int4</type>
1148+
</para>
1149+
<para>
1150+
Number of this map, in priority order, if valid, otherwise
1151+
<literal>NULL</literal>
1152+
</para></entry>
1153+
</row>
1154+
11341155
<row>
11351156
<entry role="catalog_table_entry"><para role="column_definition">
11361157
<structfield>line_number</structfield> <type>int4</type>

‎src/backend/utils/adt/hbafuncs.c

Lines changed: 40 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -26,10 +26,12 @@
2626

2727
staticArrayType*get_hba_options(HbaLine*hba);
2828
staticvoidfill_hba_line(Tuplestorestate*tuple_store,TupleDesctupdesc,
29-
intlineno,HbaLine*hba,constchar*err_msg);
29+
intrule_number,intlineno,HbaLine*hba,
30+
constchar*err_msg);
3031
staticvoidfill_hba_view(Tuplestorestate*tuple_store,TupleDesctupdesc);
3132
staticvoidfill_ident_line(Tuplestorestate*tuple_store,TupleDesctupdesc,
32-
intlineno,IdentLine*ident,constchar*err_msg);
33+
intmap_number,intlineno,IdentLine*ident,
34+
constchar*err_msg);
3335
staticvoidfill_ident_view(Tuplestorestate*tuple_store,TupleDesctupdesc);
3436

3537

@@ -157,14 +159,15 @@ get_hba_options(HbaLine *hba)
157159
}
158160

159161
/* Number of columns in pg_hba_file_rules view */
160-
#defineNUM_PG_HBA_FILE_RULES_ATTS9
162+
#defineNUM_PG_HBA_FILE_RULES_ATTS10
161163

162164
/*
163165
* fill_hba_line
164166
*Build one row of pg_hba_file_rules view, add it to tuplestore.
165167
*
166168
* tuple_store: where to store data
167169
* tupdesc: tuple descriptor for the view
170+
* rule_number: unique identifier among all valid rules
168171
* lineno: pg_hba.conf line number (must always be valid)
169172
* hba: parsed line data (can be NULL, in which case err_msg should be set)
170173
* err_msg: error message (NULL if none)
@@ -174,7 +177,8 @@ get_hba_options(HbaLine *hba)
174177
*/
175178
staticvoid
176179
fill_hba_line(Tuplestorestate*tuple_store,TupleDesctupdesc,
177-
intlineno,HbaLine*hba,constchar*err_msg)
180+
intrule_number,intlineno,HbaLine*hba,
181+
constchar*err_msg)
178182
{
179183
Datumvalues[NUM_PG_HBA_FILE_RULES_ATTS];
180184
boolnulls[NUM_PG_HBA_FILE_RULES_ATTS];
@@ -193,6 +197,12 @@ fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
193197
memset(nulls,0,sizeof(nulls));
194198
index=0;
195199

200+
/* rule_number, nothing on error */
201+
if (err_msg)
202+
nulls[index++]= true;
203+
else
204+
values[index++]=Int32GetDatum(rule_number);
205+
196206
/* line_number */
197207
values[index++]=Int32GetDatum(lineno);
198208

@@ -336,7 +346,7 @@ fill_hba_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
336346
else
337347
{
338348
/* no parsing result, so set relevant fields to nulls */
339-
memset(&nulls[1], true, (NUM_PG_HBA_FILE_RULES_ATTS-2)*sizeof(bool));
349+
memset(&nulls[2], true, (NUM_PG_HBA_FILE_RULES_ATTS-3)*sizeof(bool));
340350
}
341351

342352
/* error */
@@ -359,6 +369,7 @@ fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
359369
FILE*file;
360370
List*hba_lines=NIL;
361371
ListCell*line;
372+
intrule_number=0;
362373
MemoryContextlinecxt;
363374
MemoryContexthbacxt;
364375
MemoryContextoldcxt;
@@ -393,8 +404,12 @@ fill_hba_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
393404
if (tok_line->err_msg==NULL)
394405
hbaline=parse_hba_line(tok_line,DEBUG3);
395406

396-
fill_hba_line(tuple_store,tupdesc,tok_line->line_num,
397-
hbaline,tok_line->err_msg);
407+
/* No error, set a new rule number */
408+
if (tok_line->err_msg==NULL)
409+
rule_number++;
410+
411+
fill_hba_line(tuple_store,tupdesc,rule_number,
412+
tok_line->line_num,hbaline,tok_line->err_msg);
398413
}
399414

400415
/* Free tokenizer memory */
@@ -431,14 +446,15 @@ pg_hba_file_rules(PG_FUNCTION_ARGS)
431446
}
432447

433448
/* Number of columns in pg_ident_file_mappings view */
434-
#defineNUM_PG_IDENT_FILE_MAPPINGS_ATTS5
449+
#defineNUM_PG_IDENT_FILE_MAPPINGS_ATTS6
435450

436451
/*
437452
* fill_ident_line: build one row of pg_ident_file_mappings view, add it to
438453
* tuplestore
439454
*
440455
* tuple_store: where to store data
441456
* tupdesc: tuple descriptor for the view
457+
* map_number: unique identifier among all valid maps
442458
* lineno: pg_ident.conf line number (must always be valid)
443459
* ident: parsed line data (can be NULL, in which case err_msg should be set)
444460
* err_msg: error message (NULL if none)
@@ -448,7 +464,8 @@ pg_hba_file_rules(PG_FUNCTION_ARGS)
448464
*/
449465
staticvoid
450466
fill_ident_line(Tuplestorestate*tuple_store,TupleDesctupdesc,
451-
intlineno,IdentLine*ident,constchar*err_msg)
467+
intmap_number,intlineno,IdentLine*ident,
468+
constchar*err_msg)
452469
{
453470
Datumvalues[NUM_PG_IDENT_FILE_MAPPINGS_ATTS];
454471
boolnulls[NUM_PG_IDENT_FILE_MAPPINGS_ATTS];
@@ -461,6 +478,12 @@ fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
461478
memset(nulls,0,sizeof(nulls));
462479
index=0;
463480

481+
/* map_number, nothing on error */
482+
if (err_msg)
483+
nulls[index++]= true;
484+
else
485+
values[index++]=Int32GetDatum(map_number);
486+
464487
/* line_number */
465488
values[index++]=Int32GetDatum(lineno);
466489

@@ -473,7 +496,7 @@ fill_ident_line(Tuplestorestate *tuple_store, TupleDesc tupdesc,
473496
else
474497
{
475498
/* no parsing result, so set relevant fields to nulls */
476-
memset(&nulls[1], true, (NUM_PG_IDENT_FILE_MAPPINGS_ATTS-2)*sizeof(bool));
499+
memset(&nulls[2], true, (NUM_PG_IDENT_FILE_MAPPINGS_ATTS-3)*sizeof(bool));
477500
}
478501

479502
/* error */
@@ -495,6 +518,7 @@ fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
495518
FILE*file;
496519
List*ident_lines=NIL;
497520
ListCell*line;
521+
intmap_number=0;
498522
MemoryContextlinecxt;
499523
MemoryContextidentcxt;
500524
MemoryContextoldcxt;
@@ -529,7 +553,12 @@ fill_ident_view(Tuplestorestate *tuple_store, TupleDesc tupdesc)
529553
if (tok_line->err_msg==NULL)
530554
identline=parse_ident_line(tok_line,DEBUG3);
531555

532-
fill_ident_line(tuple_store,tupdesc,tok_line->line_num,identline,
556+
/* no error, set a new mapping number */
557+
if (tok_line->err_msg==NULL)
558+
map_number++;
559+
560+
fill_ident_line(tuple_store,tupdesc,map_number,
561+
tok_line->line_num,identline,
533562
tok_line->err_msg);
534563
}
535564

‎src/include/catalog/catversion.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,6 @@
5757
*/
5858

5959
/*yyyymmddN */
60-
#defineCATALOG_VERSION_NO202210141
60+
#defineCATALOG_VERSION_NO202210261
6161

6262
#endif

‎src/include/catalog/pg_proc.dat

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6135,15 +6135,16 @@
61356135
{ oid => '3401', descr => 'show pg_hba.conf rules',
61366136
proname => 'pg_hba_file_rules', prorows => '1000', proretset => 't',
61376137
provolatile => 'v', prorettype => 'record', proargtypes => '',
6138-
proallargtypes => '{int4,text,_text,_text,text,text,text,_text,text}',
6139-
proargmodes => '{o,o,o,o,o,o,o,o,o}',
6140-
proargnames => '{line_number,type,database,user_name,address,netmask,auth_method,options,error}',
6138+
proallargtypes => '{int4,int4,text,_text,_text,text,text,text,_text,text}',
6139+
proargmodes => '{o,o,o,o,o,o,o,o,o,o}',
6140+
proargnames => '{rule_number,line_number,type,database,user_name,address,netmask,auth_method,options,error}',
61416141
prosrc => 'pg_hba_file_rules' },
61426142
{ oid => '6250', descr => 'show pg_ident.conf mappings',
61436143
proname => 'pg_ident_file_mappings', prorows => '1000', proretset => 't',
61446144
provolatile => 'v', prorettype => 'record', proargtypes => '',
6145-
proallargtypes => '{int4,text,text,text,text}', proargmodes => '{o,o,o,o,o}',
6146-
proargnames => '{line_number,map_name,sys_name,pg_username,error}',
6145+
proallargtypes => '{int4,int4,text,text,text,text}',
6146+
proargmodes => '{o,o,o,o,o,o}',
6147+
proargnames => '{map_number,line_number,map_name,sys_name,pg_username,error}',
61476148
prosrc => 'pg_ident_file_mappings' },
61486149
{ oid => '1371', descr => 'view system lock information',
61496150
proname => 'pg_lock_status', prorows => '1000', proretset => 't',

‎src/test/regress/expected/rules.out

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1337,7 +1337,8 @@ pg_group| SELECT pg_authid.rolname AS groname,
13371337
WHERE (pg_auth_members.roleid = pg_authid.oid)) AS grolist
13381338
FROM pg_authid
13391339
WHERE (NOT pg_authid.rolcanlogin);
1340-
pg_hba_file_rules| SELECT a.line_number,
1340+
pg_hba_file_rules| SELECT a.rule_number,
1341+
a.line_number,
13411342
a.type,
13421343
a.database,
13431344
a.user_name,
@@ -1346,13 +1347,14 @@ pg_hba_file_rules| SELECT a.line_number,
13461347
a.auth_method,
13471348
a.options,
13481349
a.error
1349-
FROM pg_hba_file_rules() a(line_number, type, database, user_name, address, netmask, auth_method, options, error);
1350-
pg_ident_file_mappings| SELECT a.line_number,
1350+
FROM pg_hba_file_rules() a(rule_number, line_number, type, database, user_name, address, netmask, auth_method, options, error);
1351+
pg_ident_file_mappings| SELECT a.map_number,
1352+
a.line_number,
13511353
a.map_name,
13521354
a.sys_name,
13531355
a.pg_username,
13541356
a.error
1355-
FROM pg_ident_file_mappings() a(line_number, map_name, sys_name, pg_username, error);
1357+
FROM pg_ident_file_mappings() a(map_number,line_number, map_name, sys_name, pg_username, error);
13561358
pg_indexes| SELECT n.nspname AS schemaname,
13571359
c.relname AS tablename,
13581360
i.relname AS indexname,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp