*** a/src/backend/libpq/hba.c --- b/src/backend/libpq/hba.c *************** *** 61,67 **** typedef struct check_network_data } check_network_data; ! #define token_is_keyword(t, k) (!t->quoted && strcmp(t->string, k) == 0) #define token_matches(t, k) (strcmp(t->string, k) == 0) /* --- 61,67 ---- } check_network_data; ! #define token_is_keyword(t, k) (!t->quoted && pg_strcasecmp(t->string, k) == 0) #define token_matches(t, k) (strcmp(t->string, k) == 0) /* *************** *** 881,887 **** parse_hba_line(List *line, int line_num, char *raw_line) return NULL; } token = linitial(tokens); ! if (strcmp(token->string, "local") == 0) { #ifdef HAVE_UNIX_SOCKETS parsedline->conntype = ctLocal; --- 881,887 ---- return NULL; } token = linitial(tokens); ! if (pg_strcasecmp(token->string, "local") == 0) { #ifdef HAVE_UNIX_SOCKETS parsedline->conntype = ctLocal; *************** *** 894,905 **** parse_hba_line(List *line, int line_num, char *raw_line) return NULL; #endif } ! else if (strcmp(token->string, "host") == 0 || ! strcmp(token->string, "hostssl") == 0 || ! strcmp(token->string, "hostnossl") == 0) { ! if (token->string[4] == 's') /* "hostssl" */ { /* SSL support must be actually active, else complain */ #ifdef USE_SSL --- 894,905 ---- return NULL; #endif } ! else if (pg_strcasecmp(token->string, "host") == 0 || ! pg_strcasecmp(token->string, "hostssl") == 0 || ! pg_strcasecmp(token->string, "hostnossl") == 0) { ! if ((token->string[4] == 's') || (token->string[4] == 'S')) /* "hostssl" */ { /* SSL support must be actually active, else complain */ #ifdef USE_SSL *************** *** 926,932 **** parse_hba_line(List *line, int line_num, char *raw_line) #endif } #ifdef USE_SSL ! else if (token->string[4] == 'n') /* "hostnossl" */ { parsedline->conntype = ctHostNoSSL; } --- 926,932 ---- #endif } #ifdef USE_SSL ! else if ((token->string[4] == 'n') || (token->string[4] == 'N')) /* "hostnossl" */ { parsedline->conntype = ctHostNoSSL; } *************** *** 1181,1209 **** parse_hba_line(List *line, int line_num, char *raw_line) token = linitial(tokens); unsupauth = NULL; ! if (strcmp(token->string, "trust") == 0) parsedline->auth_method = uaTrust; ! else if (strcmp(token->string, "ident") == 0) parsedline->auth_method = uaIdent; ! else if (strcmp(token->string, "peer") == 0) parsedline->auth_method = uaPeer; ! else if (strcmp(token->string, "password") == 0) parsedline->auth_method = uaPassword; ! else if (strcmp(token->string, "gss") == 0) #ifdef ENABLE_GSS parsedline->auth_method = uaGSS; #else unsupauth = "gss"; #endif ! else if (strcmp(token->string, "sspi") == 0) #ifdef ENABLE_SSPI parsedline->auth_method = uaSSPI; #else unsupauth = "sspi"; #endif ! else if (strcmp(token->string, "reject") == 0) parsedline->auth_method = uaReject; ! else if (strcmp(token->string, "md5") == 0) { if (Db_user_namespace) { --- 1181,1209 ---- token = linitial(tokens); unsupauth = NULL; ! if (pg_strcasecmp(token->string, "trust") == 0) parsedline->auth_method = uaTrust; ! else if (pg_strcasecmp(token->string, "ident") == 0) parsedline->auth_method = uaIdent; ! else if (pg_strcasecmp(token->string, "peer") == 0) parsedline->auth_method = uaPeer; ! else if (pg_strcasecmp(token->string, "password") == 0) parsedline->auth_method = uaPassword; ! else if (pg_strcasecmp(token->string, "gss") == 0) #ifdef ENABLE_GSS parsedline->auth_method = uaGSS; #else unsupauth = "gss"; #endif ! else if (pg_strcasecmp(token->string, "sspi") == 0) #ifdef ENABLE_SSPI parsedline->auth_method = uaSSPI; #else unsupauth = "sspi"; #endif ! else if (pg_strcasecmp(token->string, "reject") == 0) parsedline->auth_method = uaReject; ! else if (pg_strcasecmp(token->string, "md5") == 0) { if (Db_user_namespace) { *************** *** 1216,1240 **** parse_hba_line(List *line, int line_num, char *raw_line) } parsedline->auth_method = uaMD5; } ! else if (strcmp(token->string, "pam") == 0) #ifdef USE_PAM parsedline->auth_method = uaPAM; #else unsupauth = "pam"; #endif ! else if (strcmp(token->string, "ldap") == 0) #ifdef USE_LDAP parsedline->auth_method = uaLDAP; #else unsupauth = "ldap"; #endif ! else if (strcmp(token->string, "cert") == 0) #ifdef USE_SSL parsedline->auth_method = uaCert; #else unsupauth = "cert"; #endif ! else if (strcmp(token->string, "radius") == 0) parsedline->auth_method = uaRADIUS; else { --- 1216,1240 ---- } parsedline->auth_method = uaMD5; } ! else if (pg_strcasecmp(token->string, "pam") == 0) #ifdef USE_PAM parsedline->auth_method = uaPAM; #else unsupauth = "pam"; #endif ! else if (pg_strcasecmp(token->string, "ldap") == 0) #ifdef USE_LDAP parsedline->auth_method = uaLDAP; #else unsupauth = "ldap"; #endif ! else if (pg_strcasecmp(token->string, "cert") == 0) #ifdef USE_SSL parsedline->auth_method = uaCert; #else unsupauth = "cert"; #endif ! else if (pg_strcasecmp(token->string, "radius") == 0) parsedline->auth_method = uaRADIUS; else { *************** *** 1408,1414 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) hbaline->ldapscope = LDAP_SCOPE_SUBTREE; #endif ! if (strcmp(name, "map") == 0) { if (hbaline->auth_method != uaIdent && hbaline->auth_method != uaPeer && --- 1408,1414 ---- hbaline->ldapscope = LDAP_SCOPE_SUBTREE; #endif ! if (pg_strcasecmp(name, "map") == 0) { if (hbaline->auth_method != uaIdent && hbaline->auth_method != uaPeer && *************** *** 1418,1424 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) INVALID_AUTH_OPTION("map", gettext_noop("ident, peer, gssapi, sspi, and cert")); hbaline->usermap = pstrdup(val); } ! else if (strcmp(name, "clientcert") == 0) { /* * Since we require ctHostSSL, this really can never happen on --- 1418,1424 ---- INVALID_AUTH_OPTION("map", gettext_noop("ident, peer, gssapi, sspi, and cert")); hbaline->usermap = pstrdup(val); } ! else if (pg_strcasecmp(name, "clientcert") == 0) { /* * Since we require ctHostSSL, this really can never happen on *************** *** 1461,1472 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) hbaline->clientcert = false; } } ! else if (strcmp(name, "pamservice") == 0) { REQUIRE_AUTH_OPTION(uaPAM, "pamservice", "pam"); hbaline->pamservice = pstrdup(val); } ! else if (strcmp(name, "ldapurl") == 0) { #ifdef LDAP_API_FEATURE_X_OPENLDAP LDAPURLDesc *urldata; --- 1461,1472 ---- hbaline->clientcert = false; } } ! else if (pg_strcasecmp(name, "pamservice") == 0) { REQUIRE_AUTH_OPTION(uaPAM, "pamservice", "pam"); hbaline->pamservice = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapurl") == 0) { #ifdef LDAP_API_FEATURE_X_OPENLDAP LDAPURLDesc *urldata; *************** *** 1515,1521 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) errmsg("LDAP URLs not supported on this platform"))); #endif /* not OpenLDAP */ } ! else if (strcmp(name, "ldaptls") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldaptls", "ldap"); if (strcmp(val, "1") == 0) --- 1515,1521 ---- errmsg("LDAP URLs not supported on this platform"))); #endif /* not OpenLDAP */ } ! else if (pg_strcasecmp(name, "ldaptls") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldaptls", "ldap"); if (strcmp(val, "1") == 0) *************** *** 1523,1534 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) else hbaline->ldaptls = false; } ! else if (strcmp(name, "ldapserver") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapserver", "ldap"); hbaline->ldapserver = pstrdup(val); } ! else if (strcmp(name, "ldapport") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapport", "ldap"); hbaline->ldapport = atoi(val); --- 1523,1534 ---- else hbaline->ldaptls = false; } ! else if (pg_strcasecmp(name, "ldapserver") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapserver", "ldap"); hbaline->ldapserver = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapport") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapport", "ldap"); hbaline->ldapport = atoi(val); *************** *** 1542,1585 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) return false; } } ! else if (strcmp(name, "ldapbinddn") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbinddn", "ldap"); hbaline->ldapbinddn = pstrdup(val); } ! else if (strcmp(name, "ldapbindpasswd") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbindpasswd", "ldap"); hbaline->ldapbindpasswd = pstrdup(val); } ! else if (strcmp(name, "ldapsearchattribute") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapsearchattribute", "ldap"); hbaline->ldapsearchattribute = pstrdup(val); } ! else if (strcmp(name, "ldapbasedn") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbasedn", "ldap"); hbaline->ldapbasedn = pstrdup(val); } ! else if (strcmp(name, "ldapprefix") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapprefix", "ldap"); hbaline->ldapprefix = pstrdup(val); } ! else if (strcmp(name, "ldapsuffix") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapsuffix", "ldap"); hbaline->ldapsuffix = pstrdup(val); } ! else if (strcmp(name, "krb_realm") == 0) { if (hbaline->auth_method != uaGSS && hbaline->auth_method != uaSSPI) INVALID_AUTH_OPTION("krb_realm", gettext_noop("gssapi and sspi")); hbaline->krb_realm = pstrdup(val); } ! else if (strcmp(name, "include_realm") == 0) { if (hbaline->auth_method != uaGSS && hbaline->auth_method != uaSSPI) --- 1542,1585 ---- return false; } } ! else if (pg_strcasecmp(name, "ldapbinddn") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbinddn", "ldap"); hbaline->ldapbinddn = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapbindpasswd") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbindpasswd", "ldap"); hbaline->ldapbindpasswd = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapsearchattribute") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapsearchattribute", "ldap"); hbaline->ldapsearchattribute = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapbasedn") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapbasedn", "ldap"); hbaline->ldapbasedn = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapprefix") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapprefix", "ldap"); hbaline->ldapprefix = pstrdup(val); } ! else if (pg_strcasecmp(name, "ldapsuffix") == 0) { REQUIRE_AUTH_OPTION(uaLDAP, "ldapsuffix", "ldap"); hbaline->ldapsuffix = pstrdup(val); } ! else if (pg_strcasecmp(name, "krb_realm") == 0) { if (hbaline->auth_method != uaGSS && hbaline->auth_method != uaSSPI) INVALID_AUTH_OPTION("krb_realm", gettext_noop("gssapi and sspi")); hbaline->krb_realm = pstrdup(val); } ! else if (pg_strcasecmp(name, "include_realm") == 0) { if (hbaline->auth_method != uaGSS && hbaline->auth_method != uaSSPI) *************** *** 1589,1595 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) else hbaline->include_realm = false; } ! else if (strcmp(name, "radiusserver") == 0) { struct addrinfo *gai_result; struct addrinfo hints; --- 1589,1595 ---- else hbaline->include_realm = false; } ! else if (pg_strcasecmp(name, "radiusserver") == 0) { struct addrinfo *gai_result; struct addrinfo hints; *************** *** 1617,1623 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) pg_freeaddrinfo_all(hints.ai_family, gai_result); hbaline->radiusserver = pstrdup(val); } ! else if (strcmp(name, "radiusport") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiusport", "radius"); hbaline->radiusport = atoi(val); --- 1617,1623 ---- pg_freeaddrinfo_all(hints.ai_family, gai_result); hbaline->radiusserver = pstrdup(val); } ! else if (pg_strcasecmp(name, "radiusport") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiusport", "radius"); hbaline->radiusport = atoi(val); *************** *** 1631,1642 **** parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num) return false; } } ! else if (strcmp(name, "radiussecret") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiussecret", "radius"); hbaline->radiussecret = pstrdup(val); } ! else if (strcmp(name, "radiusidentifier") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiusidentifier", "radius"); hbaline->radiusidentifier = pstrdup(val); --- 1631,1642 ---- return false; } } ! else if (pg_strcasecmp(name, "radiussecret") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiussecret", "radius"); hbaline->radiussecret = pstrdup(val); } ! else if (pg_strcasecmp(name, "radiusidentifier") == 0) { REQUIRE_AUTH_OPTION(uaRADIUS, "radiusidentifier", "radius"); hbaline->radiusidentifier = pstrdup(val);