#define MAX_USERNAME 64
#define MAX_PASSWORD 64
-/* auth modes, should match PG's */
+/* no-auth modes */
#define AUTH_ANY -1 /* same as trust but without username check */
-#define AUTH_TRUST 0
+#define AUTH_TRUST AUTH_OK
+
+/* protocol codes */
+#define AUTH_OK 0
+#define AUTH_KRB 2
#define AUTH_PLAIN 3
-/* #define AUTH_CRYPT 4 */
+#define AUTH_CRYPT 4
#define AUTH_MD5 5
-/* #define AUTH_CREDS 6 */
+#define AUTH_CREDS 6
+
+/* internal codes */
#define AUTH_CERT 7
#define AUTH_PEER 8
#define AUTH_HBA 9
if (!mbuf_get_uint32be(&pkt->data, &cmd))
return false;
switch (cmd) {
- case 0:
+ case AUTH_OK:
slog_debug(server, "S: auth ok");
res = true;
break;
- case 3:
+ case AUTH_PLAIN:
slog_debug(server, "S: req cleartext password");
res = login_clear_psw(server);
break;
- case 5:
+ case AUTH_MD5:
slog_debug(server, "S: req md5-crypted psw");
if (!mbuf_get_bytes(&pkt->data, 4, &salt))
return false;
res = login_md5_psw(server, salt);
break;
- case 2: /* kerberos */
- case 6: /* deprecated usage of SCM_RIGHTS */
- slog_error(server, "unsupported auth method: %d", cmd);
- res = false;
- break;
default:
- slog_error(server, "unknown auth method: %d", cmd);
+ slog_error(server, "unknown/unsupported auth method: %d", cmd);
res = false;
break;
}