Re: Patch : PGPASSFILE fix - Mailing list pgadmin-hackers
| From | Dave Page |
|---|---|
| Subject | Re: Patch : PGPASSFILE fix |
| Date | |
| Msg-id | CA+OCxoxK8Zv+OP0pr8fvXj=v1dFunMTERLTLE96VOVjmwK2KWg@mail.gmail.com Whole thread Raw |
| In response to | Re: Patch : PGPASSFILE fix (Ashesh Vashi <ashesh.vashi@enterprisedb.com>) |
| Responses |
Re: Patch : PGPASSFILE fix
Re: Patch : PGPASSFILE fix |
| List | pgadmin-hackers |
On Wed, Mar 11, 2015 at 7:42 AM, Ashesh Vashi <ashesh.vashi@enterprisedb.com> wrote: > On Wed, Mar 11, 2015 at 1:06 PM, Prasad <prasad.s@mail.com> wrote: >> >> I think, we need to agree what exactly solution should be. About creating >> parent directories.It's going to complicate solution, path can be of any >> depth. i.e. /a/b/c/d/e/.pgpass, and none of these folders could present. Are >> we going to keep on creating all folders ? > > Agree - it's going to be complicated. It's not that hard - see http://nion.modprobe.de/blog/archives/357-Recursive-directory-creation.html for example. wx should make that even easier I expect. The only unhandled issue is what to do if we get an error on any of the directories. I would suggest just keeping an array of what we actually create, and removing any created prior to the error so we return the users filesystem to its original state. >> >> regards, >> Prasad >> >> >> >> Sent: Tuesday, March 10, 2015 at 7:09 AM >> From: "Ashesh Vashi" <ashesh.vashi@enterprisedb.com>ut >> To: Prasad <prasad.s@mail.com> >> Cc: "Dave Page" <dpage@pgadmin.org>, pgadmin-hackers >> <pgadmin-hackers@postgresql.org> >> Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix >> >> Hi Prasad, >> >> On Thu, Mar 5, 2015 at 4:20 AM, Prasad <prasad.s@mail.com> wrote: >> >> Hi, >> >> As mentioned in my earlier communication code calling this function is >> checking for file existence. So if we decide to add code for creation of >> full path, then similar code has to be removed from location of call to this >> function. Otherwise, it will end up with multiple error messages. It's >> wxWidget's wxFile that throws error. >> >> So, I've created two patches, and we can go with one of them. >> 1. Let GetConfigFile function just read value from PGPASSFILE and return >> as it is as like, similar to way it creates default path(It doesn't create >> file in case of default path as well). And calling functions are taking care >> of path validation and error messages. >> This won't work. >> We should create the file, if it does not exists (and, the path).2. Let >> GetConfigFile function read value from PGPASSFILE and create file path ,it >> will show error message in case it can't. In this case calling code only >> should check existence of file before going ahead, and not try to create or >> read file, otherwise , user will end up with multiple message boxes with >> same error. >> The patch, you shared, do not create the path (parent directories) for the >> PGPASSFILE (if it does not exists). >> You're only creating the file, which is not right. >> >> NOTE: >> Please do not mix tabs and spaces in your patch. >> I am still not able to apply the patch using 'git apply' utility. >> >> >> -- >> Thanks & Regards, >> >> Ashesh Vashi >> EnterpriseDB INDIA: Enterprise PostgreSQL >> Company[http://www.enterprisedb.com] >> >> >> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi] >> regards, >> Prasad >> >> >> >> >> >> Sent: Wednesday, March 04, 2015 at 11:35 AM >> From: "Ashesh Vashi" >> <ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com]>, func >> To: "Dave Page" <dpage@pgadmin.org[dpage@pgadmin.org]> >> Cc: Prasad <prasad.s@mail.com[prasad.s@mail.com]>, pgadmin-hackers >> <pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]> >> Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix >> >> On Wed, Mar 4, 2015 at 4:40 PM, Dave Page >> <dpage@pgadmin.org[dpage@pgadmin.org]> wrote: >> >> >> >> On Wed, Mar 4, 2015 at 11:06 AM, Ashesh Vashi >> <ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com][ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com]]> >> wrote: >> On Wed, Mar 4, 2015 at 4:09 PM, Dave Page >> <dpage@pgadmin.org[dpage@pgadmin.org][dpage@pgadmin.org[dpage@pgadmin.org]]> >> wrote: >> >> I think we should try to create the full path if necessary, and simply >> throw an error if we can't. >> And, I think - we should switch back to default pgpass configuration >> file. >> >> No, because that's a security risk (writing the password to a file that >> wasn't what the user intended). >> Agree. >> >> -- >> Thanks & Regards, >> >> Ashesh Vashi >> EnterpriseDB INDIA: Enterprise PostgreSQL >> Company[http://www.enterprisedb.com[http://www.enterprisedb.com]] >> >> >> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]] >> >> >> >> >> -- >> Thanks & Regards, >> >> Ashesh Vashi >> EnterpriseDB INDIA: Enterprise PostgreSQL >> Company[http://www.enterprisedb.com[http://www.enterprisedb.com]] >> >> >> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]] >> >> On Wed, Mar 4, 2015 at 10:01 AM, Prasad >> <prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]> >> wrote: >> > Alright , I'll revert to PGPASS check. >> > Existing function only creates folder containing file. With this case, >> > whats expected ? Reading value in PGPASSFILE and try to create folder >> > containing pgpass file (Assuming it's valid path)? Remember, it's >> > environment variable. User can specify anything in there. Some garbage value >> > as well. If we don't do any validation there, user will automatically see >> > error with complain about file ? >> > >> > thanks and regards, >> > Prasad >> > >> > >> > Sent: Wednesday, March 04, 2015 at 7:48 AM >> > From: "Ashesh Vashi" >> > <ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com][ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com]]> >> > To: Prasad >> > <prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]> >> > Cc: pgadmin-hackers >> > <pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]]> >> > Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix >> > >> > On Wed, Mar 4, 2015 at 8:44 AM, Prasad >> > <prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]> >> > wrote: >> > >> > Ashesh, >> > >> > Thanks for reviewing patch, >> > Code I have removed in I think, was switch statement inside if >> > condition, which doesn't make sense. >> > ie. >> > if (var == 2) >> > { >> > switch (var) >> > case 2: >> > ..... >> > break; >> > } >> > >> > that's why I removed it, because it's redundant. >> > Agree about redundancy, but you've also removed the code for checking >> > the PGPASS check at the start of the function. >> > i.e. >> > @@ -762,35 +762,33 @@ void sysSettings::SetCanonicalLanguage(const >> > wxLanguage &lang) >> > >> > ////////////////////////////////////////////////////////////////////////// >> > wxString sysSettings::GetConfigFile(configFileName cfgname) >> > { >> > - if (cfgname == PGPASS) >> > - { >> > >> > I am not agree with that. >> > About creation of directory, I'm not sure if this validation is >> > required. Existing code creates directory postgresql (only on windows) >> > according to >> > http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html[http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5Bhttp://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5D][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html[http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5Bhttp://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5D]] >> > , and it doesn't create file. I'm not sure whether this kind of validation >> > is expected in this function. >> > I think - it is. >> > Because - it could be used to save the updated password in the PGPASS >> > file. >> > >> > -- Ashesh >> > regards, >> > Prasad >> > >> > Sent: Wednesday, March 04, 2015 at 7:15 AM >> > From: "Ashesh Vashi" >> > <ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com][ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com]][ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com][ashesh.vashi@enterprisedb.com[ashesh.vashi@enterprisedb.com]]]> >> > To: Prasad >> > <prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]][prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]]> >> > Cc: pgadmin-hackers >> > <pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]]]> >> > Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix >> > >> > Hi Prasad, >> > I see couple of issues with your patch.* Please generate the patch >> > using 'git diff'. >> > I could not apply your patch straight forwardly. >> > I had to use the patch utility. >> > * Please follow the coding style of pgAdmin. >> > You can find it at >> > https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals%23Coding_Style.*]][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals%23Coding_Style.*]]] >> > Do not remove any of the existing code. >> > It has been kept there keeping in mind about future development >> > extending support of the existing functionality. >> > You've removed couple of lines in the sysSettings::GetConfigFile(...) >> > function, which is not good. >> > >> > In your code:* Checked only for PGPASSFILE environment variable. >> > * Need to check the existence of the file. >> > * Take required actions (if that file/parent directory does not exists). >> > i.e. Create parent directory >> > >> > >> > >> > -- >> > Thanks & Regards, >> > >> > Ashesh Vashi >> > EnterpriseDB INDIA: Enterprise PostgreSQL >> > Company[http://www.enterprisedb.com[http://www.enterprisedb.com][http://www.enterprisedb.com[http://www.enterprisedb.com]][http://www.enterprisedb.com[http://www.enterprisedb.com][http://www.enterprisedb.com[http://www.enterprisedb.com]]]] >> > >> > >> > http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]][http://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5Bhttp://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5D][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]][http://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5Bhttp://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5D]] >> > >> > On Sun, Mar 1, 2015 at 11:08 PM, Prasad >> > <prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]][prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]][prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]][prasad.s@mail.com[prasad.s@mail.com][prasad.s@mail.com[prasad.s@mail.com]]]]> >> > wrote: >> > Hi, >> > >> > Find attached fix for reading PGPASSFILE environment variable for pg >> > password file. >> > >> > regards, >> > Prasad >> > >> > -- >> > Sent via pgadmin-hackers mailing list >> > (pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]]][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]]]]) >> > To make changes to your subscription: >> > >> > http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]][http://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5D][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]][http://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5D]] >> > >> > >> > >> > --> Sent via pgadmin-hackers mailing list >> > (pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org][pgadmin-hackers@postgresql.org[pgadmin-hackers@postgresql.org]]) >> > To make changes to your subscription: >> > >> > http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]] >> >> >> >> >> -- >> Dave Page >> Blog: >> http://pgsnake.blogspot.com[http://pgsnake.blogspot.com][http://pgsnake.blogspot.com[http://pgsnake.blogspot.com]] >> Twitter: @pgsnake >> >> EnterpriseDB UK: >> http://www.enterprisedb.com[http://www.enterprisedb.com][http://www.enterprisedb.com[http://www.enterprisedb.com]] >> The Enterprise PostgreSQL Company >> >> >> -- >> Dave Page >> Blog: >> http://pgsnake.blogspot.com[http://pgsnake.blogspot.com][http://pgsnake.blogspot.com[http://pgsnake.blogspot.com]] >> Twitter: @pgsnake >> >> EnterpriseDB UK: >> http://www.enterprisedb.com[http://www.enterprisedb.com][http://www.enterprisedb.com[http://www.enterprisedb.com]] >> The Enterprise PostgreSQL Company > > -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
pgadmin-hackers by date: