Re: [HACKERS] PGPASSWORD and client tools - Mailing list pgsql-patches
From | Andrew Dunstan |
---|---|
Subject | Re: [HACKERS] PGPASSWORD and client tools |
Date | |
Msg-id | 41631BB1.7070009@dunslane.net Whole thread Raw |
Responses |
Re: [HACKERS] PGPASSWORD and client tools
Re: [HACKERS] PGPASSWORD and client tools Re: [HACKERS] PGPASSWORD and client tools |
List | pgsql-patches |
Here's a patch that I think (hope) does this right, by using the file pointed to by the environment var PGPASSFILE, if set, in preference to $HOME/.pgpass. I assume that at this stage it would be held over for 8.1 as a new feature - if not I'll put together some docco in a hurry. cheers andrew Andrew Dunstan wrote: > > > Tom Lane wrote: > >> Andrew Dunstan <andrew@dunslane.net> writes: >> >> >>> How about an environment variable that points to a .pgpass type file. >>> >> >> >> You can do that today: point $HOME at some temp directory or other. >> AFAIR pg_dump doesn't make any other use of $HOME ... >> >> >> >>> Or we could even play games with PGPASSWORD - if it names an >>> existing file that satisfies the .pgpass criteria then it will be >>> taken as the location of the .pgpass file instead of $HOME/.pgpass - >>> otherwise its value will be considered to be the password itself. >>> >> >> >> Gaack... if you want a separate variable, we can talk about that, but >> let's not overload PGPASSWORD like that. Consider even just the >> implications of whether libpq error messages should echo back the >> "filename" ... >> >> >> >> > > Yeah. as usual you're right :-) > > So let's go woth PGPASSFILE > > cheers > > andrew > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org > Index: src/interfaces/libpq/fe-connect.c =================================================================== RCS file: /home/cvsmirror/pgsql-server/src/interfaces/libpq/fe-connect.c,v retrieving revision 1.284 diff -c -r1.284 fe-connect.c *** src/interfaces/libpq/fe-connect.c 29 Aug 2004 05:07:00 -0000 1.284 --- src/interfaces/libpq/fe-connect.c 5 Oct 2004 21:47:49 -0000 *************** *** 3096,3101 **** --- 3096,3102 ---- FILE *fp; char *pgpassfile; char *home; + char *passfile_env; struct stat stat_buf; #define LINELEN NAMEDATALEN*5 *************** *** 3113,3137 **** if (port == NULL) port = DEF_PGPORT_STR; ! /* ! * Look for it in the home dir. We don't use get_home_path() so we ! * don't pull path.c into our library. ! */ ! if (!(home = getenv(HOMEDIR))) ! return NULL; ! ! pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1); ! if (!pgpassfile) { ! fprintf(stderr, libpq_gettext("out of memory\n")); ! return NULL; } #ifndef WIN32 ! sprintf(pgpassfile, "%s/%s", home, PGPASSFILE); #else ! sprintf(pgpassfile, "%s\\%s", home, PGPASSFILE); #endif /* If password file cannot be opened, ignore it. */ if (stat(pgpassfile, &stat_buf) == -1) --- 3114,3153 ---- if (port == NULL) port = DEF_PGPORT_STR; ! if ((passfile_env = getenv("PGPASSFILE")) != NULL && ! strlen(passfile_env) > 0) { ! /* use the literal path from the environment, if set */ ! pgpassfile = strdup(passfile_env); ! if (!pgpassfile) ! { ! fprintf(stderr, libpq_gettext("out of memory\n")); ! return NULL; ! } } + else + { + /* + * Look for it in the home dir. We don't use get_home_path() so we + * don't pull path.c into our library. + */ + if (!(home = getenv(HOMEDIR))) + return NULL; + + pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1); + if (!pgpassfile) + { + fprintf(stderr, libpq_gettext("out of memory\n")); + return NULL; + } + #ifndef WIN32 ! sprintf(pgpassfile, "%s/%s", home, PGPASSFILE); #else ! sprintf(pgpassfile, "%s\\%s", home, PGPASSFILE); #endif + } /* If password file cannot be opened, ignore it. */ if (stat(pgpassfile, &stat_buf) == -1) *************** *** 3140,3145 **** --- 3156,3173 ---- return NULL; } + /* Must be a plain file, or we warn and ignore it */ + + if (! S_ISREG(stat_buf.st_mode)) + { + fprintf(stderr, + libpq_gettext("WARNING: Password file %s is not a plain file.\n"), + pgpassfile); + free(pgpassfile); + return NULL; + + } + #ifndef WIN32 /* If password file is insecure, alert the user and ignore it. */ if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))
pgsql-patches by date: