Commit Graph

24 Commits

Author SHA1 Message Date
790d90f229 Update 2.3.16 Change Date 2020-01-15 11:08:51 +02:00
df6c56e7ca Update 2.3.13 Change Date 2019-10-29 12:51:31 +02:00
72ce2d2bc1 MXS-2633 Fix PAM authentication support with server version 10.4
The new server pam plugin does not always send the first password prompt with the
AuthSwitchRequest-packet. In this case the server expects the client (MaxScale) to
just send the password immediately. MaxScale now checks the length of the packet,
sending the password if the packet is short. This works with both old and new server
versions.
2019-08-13 17:15:45 +03:00
442d8bed9a MXS-2479 Add username and host to PAM authenticator log messages 2019-05-29 17:32:27 +03:00
a1697e2aa6 MXS-2479 PAMBackendAuth is more tolerant of extra messages.
The authenticator can now receive additional questions from the server even
after the original password-query.
2019-05-24 11:31:55 +03:00
bd8aa64547 MXS-2479 Accept additional messages in PAM authenticator
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
2019-05-23 14:14:25 +03:00
75ea1b6ea1 Fix formatting of new(std::nothrow)
The code previously formatted everything as `new( std::nothrow)`.
2018-10-04 21:50:44 +03:00
71ffef5708 Partially revert 4ba011266843857bbd3201e5b925a47e88e1808f
Add back leading operator enforcement.
2018-09-20 15:57:30 +03:00
d11c78ad80 Format all sources with Uncrustify
Formatted all sources and manually tuned some files to make the code look
neater.
2018-09-10 13:22:49 +03:00
c447e5cf15 Uncrustify maxscale
See script directory for method. The script to run in the top level
MaxScale directory is called maxscale-uncrustify.sh, which uses
another script, list-src, from the same directory (so you need to set
your PATH). The uncrustify version was 0.66.
2018-09-09 22:26:19 +03:00
24ab3c099c Move top of the file "#pragma once" to after the following comment (swap them). If the comment is a BPL update it to the latest one 2018-08-21 13:13:15 +03:00
cf0aeed516 MXS-2014 Rename log_manager.h to log.h
There's nothing resembling a manager anymore.
2018-08-17 10:59:37 +03:00
f14380243b Rename cppdefs.hh to ccdefs.hh
For obvious reasons; the c++ suffix is .cc and not .cpp
2018-08-10 07:50:18 +03:00
00c107e051 Resolve authenticator symbols at compile time
Resolving the symbols at compile time prevents runtime problems.
2018-07-31 09:41:13 +03:00
cc0299aee6 Update change date of 2.3 2018-06-25 10:07:52 +03:00
eba6c0c596 MXS-1842 Compile all authenticators as C++
Minimal changes, only what is needed to compile.
2018-05-03 10:07:43 +03:00
5d010ff712 Cleanup SERVER struct
Removed one unused field. Rearranged others, clarified comments.
2018-04-27 10:48:56 +03:00
224f918845 MXS-1592 Make all modules lowercase
Make all modules lowercase and make module loading case
insensitive. Further, make command invocation case insensitive,
as far as the module name is conserned.
2018-01-03 14:57:18 +02:00
895d950da0 Format all source files with Astyle
Formatted all source files Astyle.
2017-09-28 07:04:21 +03:00
3936c71e11 Add missing includes 2017-09-19 15:46:13 +03:00
2784858495 A few PAM cleanups
Print header found message only if libraries also found.
Change header guards to pragma once.
Check return value of store_client_password().
2017-08-16 13:47:29 +03:00
7ba0533cc8 Authenticator API extract-entrypoint returns bool
Extraction either succeeds or fails, it does not need to return
defined integer values.
2017-08-09 17:28:58 +03:00
7488129afc PAM code cleanup & refactor
Divided functionality into classes, fixed comments +
various other cleanup. BackenAuth no longer increments
sequence on sending password. SQLite busy timeout shortened
to 1 second.
2017-08-07 12:22:59 +03:00
f916b74c2e Add first version of PAM authenticator plugin
This includes the client and backend authenticators. Currently,
only a simple password-based scheme with the SQL-client "dialog" plugin
is supported. In this mode, the server sends the first PAM message
with the AuthSwitchRequest packet and the client responds with the
password. No further authentication messages are supported. If the
connection is not encrypted, the password is sent in plaintext. The
client password is used as is for logging in to backends.
2017-08-07 12:22:59 +03:00