requiressl
- Set to 1 to require SSL connection to the backend.
Libpq- will then refuse to connect if the server does not support
- SSL. Set to 0 (default) to negotiate with server.
+ Set to 1 to require
SSL connection to the server.
+
Libpq will then refuse to connect if the server does not+ accept an
SSL connection.
+ Set to 0 (default) to negotiate with server.
+ This option is only available if
+
PostgreSQL is compiled with SSL support.
The following environment variables can be used to select default
-connection parameter values, which will be used by PQconnectdb or
-PQsetdbLogin if no value is directly specified by the calling code.
-These are useful to avoid hard-coding database names into simple
-application programs.
+connection parameter values, which will be used by
+PQconnectdb, PQsetdbLogin and
+PQsetdb if no value is directly specified by the calling
+code. These are useful to avoid hard-coding database connection
+information into simple client applications.
messages from the backend server are displayed.
+
+PGREQUIRESSL sets whether or not the connection must be
+made over
SSL. If set to
+will refuse to connect if the server does not accept
+This option is only available if
+
PostgreSQL is compiled with SSL support.+
+
+
+PGCONNECT_TIMEOUT sets the maximum number of seconds
+that
libpq will wait when attempting to
+connect to the
PostgreSQL server. This
+option should be set to at least 2 seconds.
+
+
hostname:port:database:username:password
-Any of these may be a literal name, or *, which matches
-anything. The first match will be used so put more specific entries first.
-Entries with : or \ should be escaped
-with \.
+Any of these may be a literal name, or *, which
+matches anything. The first matching entry will be used, so put more-specific
+entries first. When an entry contains : or
+\, it must be escaped with \.
The permissions on .pgpass must disallow any
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.221 2003/01/08 21:33:27 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.222 2003/01/30 19:49:54 tgl Exp $
*
*-------------------------------------------------------------------------
*/
"Database-Password", "*", 20},
{"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL,
- "Connect-timeout", "", 10}, /* strlen( INT32_MAX) == 10 */
+ "Connect-timeout", "", 10}, /* strlen(INT32_MAX) == 10 */
{"dbname", "PGDATABASE", NULL, NULL,
"Database-Name", "", 20},
tmp = conninfo_getval(connOptions, "password");
conn->pgpass = tmp ? strdup(tmp) : NULL;
if (conn->pgpass == NULL || conn->pgpass[0] == '\0')
+ {
+ if (conn->pgpass)
+ free(conn->pgpass);
conn->pgpass = PasswordFromFile(conn->pghost, conn->pgport,
- conn->dbName, conn->pguser);
+ conn->dbName, conn->pguser);
+ if (conn->pgpass == NULL)
+ conn->pgpass = strdup(DefaultPassword);
+ }
tmp = conninfo_getval(connOptions, "connect_timeout");
conn->connect_timeout = tmp ? strdup(tmp) : NULL;
#ifdef USE_SSL
else
conn->dbName = strdup(dbName);
- /*
- * getPasswordFromFile mallocs its result, so we don't need strdup
- * here
- */
if (pwd)
conn->pgpass = strdup(pwd);
else if ((tmp = getenv("PGPASSWORD")) != NULL)
conn->pgpass = strdup(tmp);
+ else if ((tmp = PasswordFromFile(conn->pghost, conn->pgport,
+ conn->dbName, conn->pguser)) != NULL)
+ conn->pgpass = tmp;
else
conn->pgpass = strdup(DefaultPassword);
return NULL;
}
-/* get a password from the password file. */
+/* Get a password from the password file. Return value is malloc'd. */
char *
PasswordFromFile(char *hostname, char *port, char *dbname, char *username)
{
/* Look for it in the home dir */
home = getenv("HOME");
- if (home)
+ if (!home)
+ return NULL;
+
+ pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1);
+ if (!pgpassfile)
{
- pgpassfile = malloc(strlen(home) + 1 + strlen(PGPASSFILE) + 1);
- if (!pgpassfile)
- {
- fprintf(stderr, libpq_gettext("out of memory\n"));
- return NULL;
- }
- }
- else
+ fprintf(stderr, libpq_gettext("out of memory\n"));
return NULL;
+ }
sprintf(pgpassfile, "%s/%s", home, PGPASSFILE);
{
char *t = buf,
*ret;
+ int len;
fgets(buf, LINELEN - 1, fp);
- if (strlen(buf) == 0)
+
+ len = strlen(buf);
+ if (len == 0)
continue;
- buf[strlen(buf) - 1] = 0;
+ /* Remove trailing newline */
+ if (buf[len - 1] == '\n')
+ buf[len - 1] = 0;
+
if ((t = pwdfMatchesString(t, hostname)) == NULL ||
(t = pwdfMatchesString(t, port)) == NULL ||
(t = pwdfMatchesString(t, dbname)) == NULL ||
projects / postgresql.git / commitdiff