From 453d74b99c9ba6e5e75d214b0d7bec13553ded89 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Fri, 10 Jun 2005 03:02:30 +0000 Subject: [PATCH] Add the "PGPASSFILE" environment variable to specify to the password file. Andrew Dunstan --- doc/src/sgml/libpq.sgml | 26 +++++++++++++++++------- src/interfaces/libpq/fe-connect.c | 33 ++++++++++++++++++++++++++----- 2 files changed, 47 insertions(+), 12 deletions(-) diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index adee93a885..be92de3e70 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -1,5 +1,5 @@ @@ -3712,6 +3712,17 @@ allow non-root users to see process environment variables via + + PGPASSFILE + +PGPASSFILE +specifies the name of the password file to use for lookups. +If not set, it defaults to ~/.pgpass +(see ). + + + + PGSERVICE @@ -3902,12 +3913,13 @@ internationalization. -The file .pgpass in a user's home directory is a file -that can contain passwords to be used if the connection requires a -password (and no password has been specified otherwise). -On Microsoft Windows the file is named -%APPDATA%\postgresql\pgpass.conf (where %APPDATA% -refers to the Application Data subdirectory in the user's profile). +The file .pgpass in a user's home directory or the +file referenced by PGPASSFILE can contain passwords to +be used if the connection requires a password (and no password has been +specified otherwise). On Microsoft Windows the file is named +%APPDATA%\postgresql\pgpass.conf (where +%APPDATA% refers to the Application Data subdirectory in +the user's profile). diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 0589945023..8c9a005602 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.307 2005/06/04 20:42:43 momjian Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.308 2005/06/10 03:02:30 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -3217,9 +3217,9 @@ static char * PasswordFromFile(char *hostname, char *port, char *dbname, char *username) { FILE *fp; - char homedir[MAXPGPATH]; char pgpassfile[MAXPGPATH]; struct stat stat_buf; + char *passfile_env; #define LINELEN NAMEDATALEN*5 char buf[LINELEN]; @@ -3236,15 +3236,38 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username) if (port == NULL) port = DEF_PGPORT_STR; - if (!pqGetHomeDirectory(homedir, sizeof(homedir))) - return NULL; + if ((passfile_env = getenv("PGPASSFILE")) != NULL) + { + /* use the literal path from the environment, if set */ + StrNCpy(pgpassfile, passfile_env, MAXPGPATH); + if (!pgpassfile) + { + fprintf(stderr, libpq_gettext("out of memory\n")); + return NULL; + } + } + else + { + char homedir[MAXPGPATH]; - snprintf(pgpassfile, sizeof(pgpassfile), "%s/%s", homedir, PGPASSFILE); + if (!pqGetHomeDirectory(homedir, sizeof(homedir))) + return NULL; + snprintf(pgpassfile, sizeof(pgpassfile), "%s/%s", homedir, PGPASSFILE); + } /* If password file cannot be opened, ignore it. */ if (stat(pgpassfile, &stat_buf) == -1) return NULL; + if (!S_ISREG(stat_buf.st_mode)) + { + fprintf(stderr, + libpq_gettext("WARNING: Password file %s is not a plain file.\n"), + pgpassfile); + free(pgpassfile); + return NULL; + } + #ifndef WIN32 /* If password file is insecure, alert the user and ignore it. */ if (stat_buf.st_mode & (S_IRWXG | S_IRWXO))