mirror of https://github.com/lib/pq.git
gss linting
parent
65babff08e
commit
7f4d6611be
|
@ -19,13 +19,14 @@ import (
|
|||
* implementation
|
||||
*/
|
||||
|
||||
// Implements the pq.Gss interface
|
||||
type Gss struct {
|
||||
// GSS implements the pq.GSS interface.
|
||||
type GSS struct {
|
||||
cli *client.Client
|
||||
}
|
||||
|
||||
func NewGSS() (*Gss, error) {
|
||||
g := &Gss{}
|
||||
// NewGSS creates a new GSS provider.
|
||||
func NewGSS() (*GSS, error) {
|
||||
g := &GSS{}
|
||||
err := g.init()
|
||||
|
||||
if err != nil {
|
||||
|
@ -35,7 +36,7 @@ func NewGSS() (*Gss, error) {
|
|||
return g, nil
|
||||
}
|
||||
|
||||
func (g *Gss) init() error {
|
||||
func (g *GSS) init() error {
|
||||
cfgPath, ok := os.LookupEnv("KRB5_CONFIG")
|
||||
if !ok {
|
||||
cfgPath = "/etc/krb5.conf"
|
||||
|
@ -75,7 +76,8 @@ func (g *Gss) init() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (g *Gss) GetInitToken(host string, service string) ([]byte, error) {
|
||||
// GetInitToken implements the GSS interface.
|
||||
func (g *GSS) GetInitToken(host string, service string) ([]byte, error) {
|
||||
|
||||
// Resolve the hostname down to an 'A' record, if required (usually, it is)
|
||||
if g.cli.Config.LibDefaults.DNSCanonicalizeHostname {
|
||||
|
@ -91,7 +93,8 @@ func (g *Gss) GetInitToken(host string, service string) ([]byte, error) {
|
|||
return g.GetInitTokenFromSpn(spn)
|
||||
}
|
||||
|
||||
func (g *Gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
||||
// GetInitTokenFromSpn implements the GSS interface.
|
||||
func (g *GSS) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
||||
s := spnego.SPNEGOClient(g.cli, spn)
|
||||
|
||||
st, err := s.InitSecContext()
|
||||
|
@ -107,7 +110,8 @@ func (g *Gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
|||
return b, nil
|
||||
}
|
||||
|
||||
func (g *Gss) Continue(inToken []byte) (done bool, outToken []byte, err error) {
|
||||
// Continue implements the GSS interface.
|
||||
func (g *GSS) Continue(inToken []byte) (done bool, outToken []byte, err error) {
|
||||
t := &spnego.SPNEGOToken{}
|
||||
err = t.Unmarshal(inToken)
|
||||
if err != nil {
|
||||
|
|
|
@ -7,14 +7,15 @@ import (
|
|||
"github.com/alexbrainman/sspi/negotiate"
|
||||
)
|
||||
|
||||
// Implements the pq.Gss interface
|
||||
// GSS implements the pq.GSS interface.
|
||||
type Gss struct {
|
||||
creds *sspi.Credentials
|
||||
ctx *negotiate.ClientContext
|
||||
}
|
||||
|
||||
func NewGSS() (*Gss, error) {
|
||||
g := &Gss{}
|
||||
// NewGSS creates a new GSS provider.
|
||||
func NewGSS() (*GSS, error) {
|
||||
g := &GSS{}
|
||||
err := g.init()
|
||||
|
||||
if err != nil {
|
||||
|
@ -24,7 +25,7 @@ func NewGSS() (*Gss, error) {
|
|||
return g, nil
|
||||
}
|
||||
|
||||
func (g *Gss) init() error {
|
||||
func (g *GSS) init() error {
|
||||
creds, err := negotiate.AcquireCurrentUserCredentials()
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -34,7 +35,8 @@ func (g *Gss) init() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (g *Gss) GetInitToken(host string, service string) ([]byte, error) {
|
||||
// GetInitToken implements the GSS interface.
|
||||
func (g *GSS) GetInitToken(host string, service string) ([]byte, error) {
|
||||
|
||||
host, err := canonicalizeHostname(host)
|
||||
if err != nil {
|
||||
|
@ -46,7 +48,8 @@ func (g *Gss) GetInitToken(host string, service string) ([]byte, error) {
|
|||
return g.GetInitTokenFromSpn(spn)
|
||||
}
|
||||
|
||||
func (g *Gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
||||
// GetInitTokenFromSpn implements the GSS interface.
|
||||
func (g *GSS) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
||||
ctx, token, err := negotiate.NewClientContext(g.creds, spn)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -57,6 +60,7 @@ func (g *Gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
|
|||
return token, nil
|
||||
}
|
||||
|
||||
func (g *Gss) Continue(inToken []byte) (done bool, outToken []byte, err error) {
|
||||
// Continue implements the GSS interface.
|
||||
func (g *GSS) Continue(inToken []byte) (done bool, outToken []byte, err error) {
|
||||
return g.ctx.Update(inToken)
|
||||
}
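Review bot: In the first hunk of this SSPI-based section the struct declaration `type Gss struct {` is left unchanged, while the new doc comment above it, `NewGSS`, and every method receiver now use `GSS`. The hunk header counts (-7,14 +7,15) only add up if that line is context rather than a changed line, so unless `GSS` is declared elsewhere for this build, the file no longer compiles (`undefined: GSS`). The declaration should become `type GSS struct {`, matching the other provider section of this commit. This file presumably builds only on Windows, so a CI build or `go vet` run with `GOOS=windows` would catch this kind of half-applied rename.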
|
||||
|
|
2
conn.go
2
conn.go
|
@ -157,7 +157,7 @@ type conn struct {
|
|||
notificationHandler func(*Notification)
|
||||
|
||||
// GSSAPI context
|
||||
gss Gss
|
||||
gss GSS
|
||||
}
|
||||
|
||||
// Handle driver-side settings in parsed connection string.
|
||||
|
|
22
krb.go
22
krb.go
|
@ -1,28 +1,26 @@
|
|||
package pq
|
||||
|
||||
// A function that creates a GSS authentication provider,
|
||||
// for use with RegisterGSSProvider.
|
||||
type NewGSSFunc func() (Gss, error)
|
||||
// NewGSSFunc creates a GSS authentication provider, for use with
|
||||
// RegisterGSSProvider.
|
||||
type NewGSSFunc func() (GSS, error)
|
||||
|
||||
var newGss NewGSSFunc
|
||||
|
||||
// Register the function for creating a GSS authentication provider.
|
||||
// For example, if you need to use Kerberos to authenticate with your server,
|
||||
// add this to your main package:
|
||||
// RegisterGSSProvider registers a GSS authentication provider. For example, if
|
||||
// you need to use Kerberos to authenticate with your server, add this to your
|
||||
// main package:
|
||||
//
|
||||
// import "github.com/lib/pq/auth/kerberos"
|
||||
//
|
||||
//
|
||||
// func init() {
|
||||
// pq.RegisterGSSProvider(func() (pq.Gss, error) { return kerberos.NewGSS() })
|
||||
// pq.RegisterGSSProvider(func() (pq.GSS, error) { return kerberos.NewGSS() })
|
||||
// }
|
||||
func RegisterGSSProvider(newGssArg NewGSSFunc) {
|
||||
newGss = newGssArg
|
||||
}
|
||||
|
||||
// An interface for providing GSSAPI authentication (e.g. Kerberos).
|
||||
// You only need to care about this interface if you are writing a
|
||||
// GSS authentication provider.
|
||||
type Gss interface {
|
||||
// GSS provides GSSAPI authentication (e.g., Kerberos).
|
||||
type GSS interface {
|
||||
GetInitToken(host string, service string) ([]byte, error)
|
||||
GetInitTokenFromSpn(spn string) ([]byte, error)
|
||||
Continue(inToken []byte) (done bool, outToken []byte, err error)
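Review bot: Renaming the exported interface `Gss` to `GSS` (and with it the return type of `NewGSSFunc`) breaks any caller that followed the old doc example, `func() (pq.Gss, error) { return kerberos.NewGSS() }`. If `pq.Gss` has already shipped in a tagged release, keep it as an alias for a deprecation period: `// Deprecated: use GSS.` followed by `type Gss = GSS`. The new interface comment also drops the hint that only authors of an authentication provider need this interface; consider keeping that sentence and giving each method a one-line doc comment saying which token it consumes or returns. The interface body continues past the end of the hunk.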
|
||||
|
|