| 1 | /* |
| 2 | * This Source Code Form is subject to the terms of the Mozilla Public |
| 3 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 4 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. |
| 5 | * |
| 6 | * Copyright 1997 - July 2008 CWI, August 2008 - 2019 MonetDB B.V. |
| 7 | */ |
| 8 | |
| 9 | #ifndef _MAL_AUTHORIZE_H |
| 10 | #define _MAL_AUTHORIZE_H |
| 11 | |
| 12 | /* #define _DEBUG_AUTH_*/ |
| 13 | #include "mal.h" |
| 14 | #include "mal_instruction.h" |
| 15 | #include "mal_client.h" |
| 16 | |
| 17 | #define MAL_ADMIN 0 /* NOTE(review): presumably the oid of the administrator account; confirm against the implementation */ |
| 18 | |
| 19 | mal_export str AUTHcheckCredentials(oid *ret, Client c, const char *user, const char *passwd, const char *challenge, const char *algo); /* Checks user/passwd for client c; challenge and algo are presumably the login challenge and the hash algorithm name (confirm). *ret receives an oid, presumably the authenticated user's id. TODO: document the str success/failure convention so callers cannot mistake a failure for a login. */ |
| 20 | mal_export str AUTHaddUser(oid *ret, Client c, const char *user, const char *pass); /* Adds user with password pass; *ret receives an oid, presumably the new user's id. NOTE(review): state whether pass is plaintext or an already-hashed value. */ |
| 21 | mal_export str AUTHremoveUser(Client c, const char *username); /* Removes the user named username; c is presumably the requesting client used for a privilege check (confirm). */ |
| 22 | mal_export str AUTHchangeUsername(Client c, const char *olduser, const char *newuser); /* Renames olduser to newuser; c is presumably the requesting client (confirm). */ |
| 23 | mal_export str AUTHchangePassword(Client c, const char *oldpass, const char *passwd); /* Takes no username, so presumably changes the password of client c's own user; oldpass presumably must match the current password (confirm). */ |
| 24 | mal_export str AUTHsetPassword(Client c, const char *username, const char *passwd); /* Sets the password of username and takes no old password. NOTE(review): presumably restricted to privileged clients; confirm the check in the implementation. */ |
| 25 | mal_export str AUTHresolveUser(str *ret, oid uid); /* Maps uid to a string returned in *ret, presumably the username; ownership of *ret is not visible from this header. */ |
| 26 | mal_export str AUTHgetUsername(str *ret, Client c); /* Returns a string in *ret for client c, presumably the username c is logged in as (confirm). */ |
| 27 | mal_export str AUTHgetUsers(BAT **ret1, BAT **ret2, Client c); /* Returns two BATs through ret1 and ret2, presumably user ids and user names (confirm which is which). */ |
| 28 | mal_export str AUTHgetPasswordHash(str *ret, Client c, const char *username); /* Returns in *ret the password hash kept for username (per the name). NOTE(review): this is credential material; callers should limit who can reach it and keep the result out of logs. */ |
| 29 | |
| 30 | mal_export str AUTHinitTables(const char *passwd); /* Initialises the authorisation tables (per the name); passwd is presumably the initial administrator password (confirm). */ |
| 31 | |
| 32 | mal_export str AUTHaddRemoteTableCredentials(const char *local_table, const char *localuser, const char *uri, const char *remoteuser, const char *pass, bool pw_encrypted); /* Records uri, remoteuser and pass for local_table; pw_encrypted presumably tells whether pass is already in its stored (encrypted or hashed) form (confirm). */ |
| 33 | mal_export str AUTHgetRemoteTableCredentials(const char *local_table, str *uri, str *username, str *password); /* Returns the uri, username and password kept for local_table. NOTE(review): the form of *password (plaintext or hashed) is not visible here; treat it as a secret and document who frees the three strings. */ |
| 34 | mal_export str AUTHdeleteRemoteTableCredentials(const char *local_table); /* Deletes the credentials kept for local_table (per the name). */ |
| 35 | |
| 36 | /* |
| 37 | * Authorisation is based on a password. The passwords are stored hashed |
| 38 | * in a BAT. Access to this BAT is ok from the MAL level, and in |
| 39 | * particular SQL needs it to dump (and later restore) users. |
| 40 | * The database administrator can unlock the BAT that stores the password |
| 41 | * (the vault) by supplying the master password which is the key for the |
| 42 | * cipher algorithm used to store the data. The BAT will never |
| 43 | * contain the plain hashes, as they will be deciphered on the fly when |
| 44 | * needed. A locked vault means no one can log into the system, hence, the |
| 45 | * vault needs to be unlocked as part of the server startup ritual. |
| 46 | */ |
| 47 | mal_export str AUTHunlockVault(const char *password); /* password is the master password described in the comment above; until the vault is unlocked no one can log in, so this is called during server startup. */ |
| 48 | |
| 49 | #endif /* _MAL_AUTHORIZE_H */ |
| 50 | |