Thread: Front-end libpq library : Extending PQconnectdb functionnalities to PQsetdbLogin

    PQsetdbLogin() in fe-connect.c in libpq

- PQsetdbLogin OPTIONS EXTENSION PATCH -


This patch to fe-connect.c is intended
to make it possible to set options like sslmode
or connect_timeout with the PQsetdbLogin() function.

This is needed as many popular interfaces or routines
(i.e. ECPG, mod_auth_pgsql ...) use PQsetdbLogin
function rather than PQconnectdb() the latter
provides for such functionnalities.

Thus most of the PQsetdbLogin limitations over
the PQconnectdb function  can be avoided.

In addition, this patch prevents the setting via URL
of the parameters normally supplied to PQsetdbLogin()
outside URL as : host, login, pwd ...

Principles :

   i) The parsed (pgoptions string) string is
      supplied via URL for ECPG, and via
      Auth_PG_Options runtime configuration
      variable for mod_auth_pgsql...
      In all cases the parsed string is
      the string passed through the pgoptions
      parameter to PQsetdbLogin

   ii) If only command-line-options for backend
      are supplied or no options supplied at all :
      then the old behaviour fully applies.

   iii) If command-line-options for backend provided
      and option/value groups for sslmode, connect_timeout
      or eventually for requiressl are present :

      - The command-line-options must appear first (right
        after the question-mark for ECPG,in parameter string
        for Auth_PG_Options) and must be separated
        from our options=value groups by an
        ampersand ('&') character.

        Of course the command-line-options for backend
        may contain option=value groups of their own
        if this is the cases the latter should
        not be separated by '&' :

        Valid examples: (for mod_auth_pgsql)

            Auth_PG_Options "-c 'geqo=off'&sslmod=require"
            Auth_PG_Options &sslmod=require
            Auth_PG_Options sslmod=require # is valid too
           # see below the
           # "anti-idiosyncracy" statement.

      - The other option=value groups must be separated
        by an '&' character (for URL parameter compatibility.

            Auth_PG_Options sslmod=require&connect_timeout=<timeout_value>

      Other examples

    ECPG URL example :


tcp:postgresql://<ip|domain>:5432/<dbname>[?[<options-for-backend>][<&sslmode=require|&requiressl=1>[&connect_timeout=<value>[&
...]]]]
tcp:postgresql://<Dotted IP Number>:5432/dbname?&sslmode=require
tcp:postgresql://<Dotted IP Number>:5432/dbname?sslmode=require
    (for the latter example see * below)


(*) For anti-idiosyncratic convenience : if the first parameter is
   one of { sslmode, requiressl, connect_timeout } the leading
   ampersand might be omitted and that parameter and the
   following charachers won't be considered to be intended
   for the backend as (command-line-options).

   So for instance
tcp:postgresql://<Dotted IP Number>:5432/dbname?sslmode=require
   will be considered as
tcp:postgresql://<Dotted IP Number>:5432/dbname?&sslmode=require


See signed fe-connect.c.URL.patch file attached.

My public CD31DA11 key can be found on pgp.mit.edu keyserver

Your are welcome to send your comments to :

Waldemar Olenycz <waldem@free.fr>

waldem@free.fr writes:
> This patch to fe-connect.c is intended
> to make it possible to set options like sslmode
> or connect_timeout with the PQsetdbLogin() function.

This seems spectacularly ugly :-(.  Why don't you lobby ECPG to provide
a more modern connection API, instead?

            regards, tom lane