hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-2544 Check roles in PAM authenticator

Browse Source 
Also re-adds anonymous user support.
This commit is contained in:
Esa Korhonen
2019-06-25 15:41:36 +03:00
parent d0e18b165a
commit 0996b9217a
3 changed files with 194 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/modules/authenticator/PAM/PAMAuth/pam_client_session.hh
View File

@ -27,7 +27,7 @@ public:
PamClientSession(const PamClientSession& orig) = delete;
PamClientSession& operator=(const PamClientSession&) = delete;
typedef std::vector<std::string> StringVector;
using StringVector = std::vector<std::string>;
static PamClientSession* create(const PamInstance& inst);
int authenticate(DCB* client);
@ -38,6 +38,9 @@ private:
void get_pam_user_services(const DCB* dcb,
const MYSQL_session* session,
StringVector* services_out);
bool user_can_access_db(const std::string& user, const std::string& host, const std::string& target_db);
bool role_can_access_db(const std::string& role, const std::string& target_db);
maxscale::Buffer create_auth_change_packet() const;
enum class State