static int ldapServiceLookup()

in src/pgclient/src/interfaces/libpq/fe-connect.c [72:325]


static int ldapServiceLookup(const char *purl, PQconninfoOption *options,
				  PQExpBuffer errorMessage);
#endif

#include "libpq/ip.h"
#include "mb/pg_wchar.h"

/* Fallback for platforms whose headers do not define FD_CLOEXEC. */
#ifndef FD_CLOEXEC
#define FD_CLOEXEC 1
#endif


/*
 * File name of the password file; WIN32 builds use a different name.
 * NOTE(review): this file presumably holds stored credentials.  The code
 * that reads it is not shown here -- confirm that it checks the file's
 * permissions before using its contents.
 */
#ifndef WIN32
#define PGPASSFILE ".pgpass"
#else
#define PGPASSFILE "pgpass.conf"
#endif

/*
 * Pre-9.0 servers will return this SQLSTATE if asked to set
 * application_name in a startup packet.  We hard-wire the value rather
 * than looking into errcodes.h since it reflects historical behavior
 * rather than that of the current code.
 */
#define ERRCODE_APPNAME_UNKNOWN "42704"

/* This is part of the protocol so just define it */
#define ERRCODE_INVALID_PASSWORD "28P01"
/* This too */
#define ERRCODE_CANNOT_CONNECT_NOW "57P03"

/*
 * Fallback values used when an option is neither passed as an argument nor
 * set through its environment variable.
 *
 * NOTE(review): DefaultSSLMode is "disable" in both branches below, so the
 * compiled-in sslmode is "disable" even when the library is built with
 * USE_SSL.  The trailing "prefer" comment suggests the SSL build once
 * defaulted to "prefer" -- confirm.  A caller that needs an encrypted
 * channel has to set sslmode (or PGSSLMODE) explicitly unless a higher
 * layer of the driver overrides this default; verify against the callers.
 */
#define DefaultHost		"localhost"
#define DefaultTty		""
#define DefaultOption	""
#define DefaultAuthtype		  ""
#define DefaultPassword		  ""
#ifdef USE_SSL
#define DefaultSSLMode "disable" /* prefer */
#else
#define DefaultSSLMode	"disable"
#endif

/* ----------
 * Definition of the conninfo parameters and their fallback resources.
 *
 * If Environment-Var and Compiled-in are specified as NULL, no
 * fallback is available. If after all no value can be determined
 * for an option, an error is returned.
 *
 * The value for the username is treated specially in conninfo_parse.
 * If the Compiled-in resource is specified as a NULL value, the
 * user is determined by pg_fe_getauthname().
 *
 * The Label and Disp-Char entries are provided for applications that
 * want to use PQconndefaults() to create a generic database connection
 * dialog. Disp-Char is defined as follows:
 *		""		Normal input field
 *		"*"		Password field - hide value
 *		"D"		Debug option - don't show by default
 *
 * PQconninfoOptions[] is a constant static array that we use to initialize
 * a dynamically allocated working copy.  All the "val" fields in
 * PQconninfoOptions[] *must* be NULL.	In a working copy, non-null "val"
 * fields point to malloc'd strings that should be freed when the working
 * array is freed (see PQconninfoFree).
 * ----------
 */
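/*
 * Each entry lists, in order: keyword, environment variable, compiled-in
 * default, val (must be NULL in this template), label, Disp-Char and
 * display size.
 *
 * Security notes for reviewers:
 *	- Options whose value is a secret carry Disp-Char "*" so that a dialog
 *	  built from PQconndefaults() hides the value.  "proxy_credentials" and
 *	  "web_identity_token" are marked that way, like "password".
 *	- "sslmode" falls back to DefaultSSLMode, which this file defines as
 *	  "disable" whether or not USE_SSL is set.
 */
static const PQconninfoOption PQconninfoOptions[] = {
	/*
	 * "authtype" is no longer used, so mark it "don't show".  We keep it in
	 * the array so as not to reject conninfo strings from old apps that might
	 * still try to set it.
	 */
	{"authtype", "PGAUTHTYPE", DefaultAuthtype, NULL,
	"Database-Authtype", "D", 20},

	{"service", "PGSERVICE", NULL, NULL,
	"Database-Service", "", 20},

	{"user", "PGUSER", NULL, NULL,
	"Database-User", "", 20},

	/* Secret: Disp-Char "*" asks dialogs to hide the value. */
	{"password", "PGPASSWORD", NULL, NULL,
	"Database-Password", "*", 20},

	{"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL,
	"Connect-timeout", "", 10}, /* strlen(INT32_MAX) == 10 */

	{"dbname", "PGDATABASE", NULL, NULL,
	"Database-Name", "", 20},

	{"host", "PGHOST", NULL, NULL,
	"Database-Host", "", 40},

	{"hostaddr", "PGHOSTADDR", NULL, NULL,
	"Database-Host-IP-Address", "", 45},

	{"port", "PGPORT", DEF_PGPORT_STR, NULL,
	"Database-Port", "", 6},

	{"client_encoding", "PGCLIENTENCODING", NULL, NULL,
	"Client-Encoding", "", 10},

	/*
	 * "tty" is no longer used either, but keep it present for backwards
	 * compatibility.
	 */
	{"tty", "PGTTY", DefaultTty, NULL,
	"Backend-Debug-TTY", "D", 40},

	{"options", "PGOPTIONS", DefaultOption, NULL,
	"Backend-Debug-Options", "D", 40},

	{"application_name", "PGAPPNAME", NULL, NULL,
	"Application-Name", "", 64},

	{"fallback_application_name", NULL, NULL, NULL,
	"Fallback-Application-Name", "", 64},

	{"keepalives", NULL, NULL, NULL,
	"TCP-Keepalives", "", 1},	/* should be just '0' or '1' */

	{"keepalives_idle", NULL, NULL, NULL,
	"TCP-Keepalives-Idle", "", 10},		/* strlen(INT32_MAX) == 10 */

	{"keepalives_interval", NULL, NULL, NULL,
	"TCP-Keepalives-Interval", "", 10}, /* strlen(INT32_MAX) == 10 */

	{"keepalives_count", NULL, NULL, NULL,
	"TCP-Keepalives-Count", "", 10},	/* strlen(INT32_MAX) == 10 */

#ifdef USE_SSL

	/*
	 * "requiressl" is deprecated, its purpose having been taken over by
	 * "sslmode". It remains for backwards compatibility.
	 */
	{"requiressl", "PGREQUIRESSL", "0", NULL,
	"Require-SSL", "D", 1},
#endif

	/*
	 * ssl options are allowed even without client SSL support because the
	 * client can still handle SSL modes "disable" and "allow". Other
	 * parameters have no effect on non-SSL connections, so there is no reason
	 * to exclude them since none of them are mandatory.
	 *
	 * NOTE(review): the compiled-in default below is DefaultSSLMode, which
	 * is "disable" in every build configuration defined in this file.
	 */
	{"sslmode", "PGSSLMODE", DefaultSSLMode, NULL,
	"SSL-Mode", "", 8},			/* sizeof("disable") == 8 */

	{"sslcert", "PGSSLCERT", NULL, NULL,
	"SSL-Client-Cert", "", 64},

	{"compression", "PGCOMPRESSION", "off", NULL,
	"Libpq-compression", "", 16},

	{"sslkey", "PGSSLKEY", NULL, NULL,
	"SSL-Client-Key", "", 64},

	{"sslrootcert", "PGSSLROOTCERT", NULL, NULL,
	"SSL-Root-Certificate", "", 64},

	{"ssldefaultrootcert", NULL, NULL, NULL,
	"SSL-Default-Root-Certificate", "", 64},

	{"sslcrl", "PGSSLCRL", NULL, NULL,
	"SSL-Revocation-List", "", 64},

	{"requirepeer", "PGREQUIREPEER", NULL, NULL,
	"Require-Peer", "", 10},

#if defined(KRB5) || defined(ENABLE_GSS) || defined(ENABLE_SSPI)
	/* Kerberos and GSSAPI authentication support specifying the service name */
	{"krbsrvname", "PGKRBSRVNAME", PG_KRB_SRVNAM, NULL,
	"Kerberos-service-name", "", 20},
#endif

#if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
	/*
	 * GSSAPI and SSPI both enabled, give a way to override which is used by
	 * default
	 */
	{"gsslib", "PGGSSLIB", NULL, NULL,
	"GSS-library", "", 7},		/* sizeof("gssapi") = 7 */
#endif

	{"replication", NULL, NULL, NULL,
	"Replication", "D", 5},

	{"CscEnable", NULL, NULL, NULL,
	"CscEnable", "", 10},

	{"CscMaxFileSize", NULL, NULL, NULL,
	"CscMaxFileSize", "", 10},

	{"CscPath", NULL, NULL, NULL,
	"CscPath", "", 64},

	{"CscThreshold", NULL, NULL, NULL,
	"CscThreshold", "", 10},

	{"StreamingCursorRows", NULL, NULL, NULL,
	"StreamingCursorRows", "", 10},

	{"client_protocol_version", NULL, NULL, NULL,
	"Extended-Redshift-Protocol-Version", "", 60},

	{"driver_version", NULL, NULL, NULL,
	"Driver-Version", "", 64},

	{"os_version", NULL, NULL, NULL,
	"OS-Version", "", 64},

	{"plugin_name", NULL, NULL, NULL,
	"Backend-Debug-Plugin-Name", "", 64},

	{"proxy_host", NULL, NULL, NULL,
	"Proxy-host", "", 40},

	{"proxy_port", NULL, NULL, NULL,
	"Proxy-port", "", 40},

	{"proxy_auth_type", NULL, NULL, NULL,
	"Proxy-auth-type", "", 40},

	{"proxy_user", NULL, NULL, NULL,
	"Proxy-user", "", 40},

	/*
	 * Presumably the proxy secret that pairs with proxy_user, so it is
	 * flagged "*" (hide value) like "password".
	 */
	{"proxy_credentials", NULL, NULL, NULL,
	"Proxy-credentials", "*", 40},

	/*
	 * NOTE(review): there is no compiled-in default in this entry, so the
	 * 1.1 default mentioned below is applied elsewhere (not visible in this
	 * table).  TLS 1.0 and 1.1 are deprecated by RFC 8996 -- confirm
	 * whether the floor can be raised to 1.2.
	 */
	{"min_tls", NULL, NULL, NULL,
	"Minimum TLS", "", 10},	/* default is 1.1 */

	{"idp_type", NULL, NULL, NULL,
	"Redshift Native Auth IDP Type", "", 64},

	{"token_type", NULL, NULL, NULL,
	"Redshift IdC Auth Token Type", "", 20},

	{"identity_namespace", NULL, NULL, NULL,
	"Redshift IdC Auth Identity Namespace", "", 64},

	{"provider_name", NULL, NULL, NULL,
	"Redshift Native Auth Provider Name", "", 64},

	/*
	 * The label names this an auth token, i.e. a bearer secret, so it is
	 * flagged "*" (hide value) like "password".
	 */
	{"web_identity_token", NULL, NULL, NULL,
	"Redshift Native Auth Token", "*", 64},

	/* Terminating entry --- MUST BE LAST */
	{NULL, NULL, NULL, NULL,
	NULL, NULL, 0}
};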