Postgres Pro
Downloads
Home   >   mailing lists

Re: [HACKERS] PGPASSWORD and client tools - Mailing list pgsql-patches

From Andrew Dunstan
Subject Re: [HACKERS] PGPASSWORD and client tools
Date
Msg-id 41631BB1.7070009@dunslane.net
Whole thread Raw
Responses Re: [HACKERS] PGPASSWORD and client tools
Re: [HACKERS] PGPASSWORD and client tools
Re: [HACKERS] PGPASSWORD and client tools
List pgsql-patches
Tree view 
Here's a patch that I think (hope) does this right, by using the file
pointed to by the environment var PGPASSFILE, if set, in preference to
$HOME/.pgpass. I assume that at this stage it would be held over for 8.1
as a new feature - if not I'll put together some docco in a hurry.

cheers

andrew



Andrew Dunstan wrote:

>
>
> Tom Lane wrote:
>
>> Andrew Dunstan <andrew@dunslane.net> writes:
>>
>>
>>> How about an environment variable that points to a .pgpass type file.
>>>
>>
>>
>> You can do that today: point $HOME at some temp directory or other.
>> AFAIR pg_dump doesn't make any other use of $HOME ...
>>
>>
>>
>>> Or we could even play games with PGPASSWORD - if it names an
>>> existing file that satisfies the .pgpass criteria then it will be
>>> taken as the location of the .pgpass file instead of $HOME/.pgpass -
>>> otherwise its value will be considered to be the password itself.
>>>
>>
>>
>> Gaack... if you want a separate variable, we can talk about that, but
>> let's not overload PGPASSWORD like that.  Consider even just the
>> implications of whether libpq error messages should echo back the
>> "filename" ...
>>
>>
>>
>>
>
> Yeah. as usual you're right :-)
>
> So let's go woth PGPASSFILE
>
> cheers
>
> andrew
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
>
Index: src/interfaces/libpq/fe-connect.c
===================================================================
RCS file: /home/cvsmirror/pgsql-server/src/interfaces/libpq/fe-connect.c,v
retrieving revision 1.284
diff -c -r1.284 fe-connect.c
*** src/interfaces/libpq/fe-connect.c    29 Aug 2004 05:07:00 -0000    1.284
--- src/interfaces/libpq/fe-connect.c    5 Oct 2004 21:47:49 -0000
***************
*** 3096,3101 ****
--- 3096,3102 ----
      FILE       *fp;
      char       *pgpassfile;
      char       *home;
+     char       *passfile_env;
      struct stat stat_buf;

  #define LINELEN NAMEDATALEN*5
***************
*** 3113,3137 ****
      if (port == NULL)
          port = DEF_PGPORT_STR;

!     /*
!      * Look for it in the home dir. We don't use get_home_path() so we
!      * don't pull path.c into our library.
!      */
!     if (!(home = getenv(HOMEDIR)))
!         return NULL;
!
!     pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1);
!     if (!pgpassfile)
      {
!         fprintf(stderr, libpq_gettext("out of memory\n"));
!         return NULL;
      }

  #ifndef WIN32
!     sprintf(pgpassfile, "%s/%s", home, PGPASSFILE);
  #else
!     sprintf(pgpassfile, "%s\\%s", home, PGPASSFILE);
  #endif

      /* If password file cannot be opened, ignore it. */
      if (stat(pgpassfile, &stat_buf) == -1)
--- 3114,3153 ----
      if (port == NULL)
          port = DEF_PGPORT_STR;

!     if ((passfile_env = getenv("PGPASSFILE")) != NULL &&
!         strlen(passfile_env) > 0)
      {
!         /* use the literal path from the environment, if set */
!         pgpassfile = strdup(passfile_env);
!         if (!pgpassfile)
!         {
!             fprintf(stderr, libpq_gettext("out of memory\n"));
!             return NULL;
!         }
      }
+     else
+     {

+         /*
+          * Look for it in the home dir. We don't use get_home_path() so we
+          * don't pull path.c into our library.
+          */
+         if (!(home = getenv(HOMEDIR)))
+             return NULL;
+
+         pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1);
+         if (!pgpassfile)
+         {
+             fprintf(stderr, libpq_gettext("out of memory\n"));
+             return NULL;
+         }
+
  #ifndef WIN32
!         sprintf(pgpassfile, "%s/%s", home, PGPASSFILE);
  #else
!         sprintf(pgpassfile, "%s\\%s", home, PGPASSFILE);
  #endif
+     }

      /* If password file cannot be opened, ignore it. */
      if (stat(pgpassfile, &stat_buf) == -1)
***************
*** 3140,3145 ****
--- 3156,3173 ----
          return NULL;
      }

+     /* Must be a plain file, or we warn and ignore it */
+
+     if (! S_ISREG(stat_buf.st_mode))
+     {
+         fprintf(stderr,
+                 libpq_gettext("WARNING: Password file %s is not a plain file.\n"),
+                 pgpassfile);
+         free(pgpassfile);
+         return NULL;
+
+     }
+
  #ifndef WIN32
      /* If password file is insecure, alert the user and ignore it. */
      if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))

pgsql-patches by date:

Previous
From: Tom Lane
Date:
Subject: Re: [HACKERS] libpq and prepared statements progress for 8.0
Next
From: "Luiz K. Matsumura"
Date:
Subject: pg_dumpall bug in PG 8.0b3 Win32 port