mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-09-14 12:19:37 +02:00
a9bd17616e
are motivated by security concerns, it's not just bug fixes. The key
differences (from stock 7.2.1) are:
*) almost all code that directly uses the OpenSSL library is in two
new files,
src/interfaces/libpq/fe-ssl.c
src/backend/postmaster/be-ssl.c
in the long run, it would be nice to merge these two files.
*) the legacy code to read and write network data have been
encapsulated into read_SSL() and write_SSL(). These functions
should probably be renamed - they handle both SSL and non-SSL
cases.
the remaining code should eliminate the problems identified
earlier, albeit not very cleanly.
*) both front- and back-ends will send a SSL shutdown via the
new close_SSL() function. This is necessary for sessions to
work properly.
(Sessions are not yet fully supported, but by cleanly closing
the SSL connection instead of just sending a TCP FIN packet
other SSL tools will be much happier.)
*) The client certificate and key are now expected in a subdirectory
of the user's home directory. Specifically,
- the directory .postgresql must be owned by the user, and
allow no access by 'group' or 'other.'
- the file .postgresql/postgresql.crt must be a regular file
owned by the user.
- the file .postgresql/postgresql.key must be a regular file
owned by the user, and allow no access by 'group' or 'other'.
At the current time encrypted private keys are not supported.
There should also be a way to support multiple client certs/keys.
*) the front-end performs minimal validation of the back-end cert.
Self-signed certs are permitted, but the common name *must*
match the hostname used by the front-end. (The cert itself
should always use a fully qualified domain name (FDQN) in its
common name field.)
This means that
psql -h eris db
will fail, but
psql -h eris.example.com db
will succeed. At the current time this must be an exact match;
future patches may support any FQDN that resolves to the address
returned by getpeername(2).
Another common "problem" is expiring certs. For now, it may be
a good idea to use a very-long-lived self-signed cert.
As a compile-time option, the front-end can specify a file
containing valid root certificates, but it is not yet required.
*) the back-end performs minimal validation of the client cert.
It allows self-signed certs. It checks for expiration. It
supports a compile-time option specifying a file containing
valid root certificates.
*) both front- and back-ends default to TLSv1, not SSLv3/SSLv2.
*) both front- and back-ends support DSA keys. DSA keys are
moderately more expensive on startup, but many people consider
them preferable than RSA keys. (E.g., SSH2 prefers DSA keys.)
*) if /dev/urandom exists, both client and server will read 16k
of randomization data from it.
*) the server can read empheral DH parameters from the files
$DataDir/dh512.pem
$DataDir/dh1024.pem
$DataDir/dh2048.pem
$DataDir/dh4096.pem
if none are provided, the server will default to hardcoded
parameter files provided by the OpenSSL project.
Remaining tasks:
*) the select() clauses need to be revisited - the SSL abstraction
layer may need to absorb more of the current code to avoid rare
deadlock conditions. This also touches on a true solution to
the pg_eof() problem.
*) the SIGPIPE signal handler may need to be revisited.
*) support encrypted private keys.
*) sessions are not yet fully supported. (SSL sessions can span
multiple "connections," and allow the client and server to avoid
costly renegotiations.)
*) makecert - a script that creates back-end certs.
*) pgkeygen - a tool that creates front-end certs.
*) the whole protocol issue, SASL, etc.
*) certs are fully validated - valid root certs must be available.
This is a hassle, but it means that you *can* trust the identity
of the server.
*) the client library can handle hardcoded root certificates, to
avoid the need to copy these files.
*) host name of server cert must resolve to IP address, or be a
recognized alias. This is more liberal than the previous
iteration.
*) the number of bytes transferred is tracked, and the session
key is periodically renegotiated.
*) basic cert generation scripts (mkcert.sh, pgkeygen.sh). The
configuration files have reasonable defaults for each type
of use.
Bear Giles
711 lines
16 KiB
C
711 lines
16 KiB
C
/*
|
|
* psql - the PostgreSQL interactive terminal
|
|
*
|
|
* Copyright 2000 by PostgreSQL Global Development Group
|
|
*
|
|
* $Header: /cvsroot/pgsql/src/bin/psql/startup.c,v 1.58 2002/06/14 03:56:47 momjian Exp $
|
|
*/
|
|
#include "postgres_fe.h"
|
|
|
|
#include <sys/types.h>
|
|
|
|
#ifndef WIN32
|
|
#include <unistd.h>
|
|
#else /* WIN32 */
|
|
#include <io.h>
|
|
#include <windows.h>
|
|
#include <win32.h>
|
|
#endif /* WIN32 */
|
|
|
|
#ifdef HAVE_GETOPT_H
|
|
#include <getopt.h>
|
|
#endif
|
|
|
|
#ifdef ENABLE_NLS
|
|
#include <locale.h>
|
|
#endif
|
|
|
|
#include "libpq-fe.h"
|
|
|
|
#include "command.h"
|
|
#include "common.h"
|
|
#include "describe.h"
|
|
#include "help.h"
|
|
#include "input.h"
|
|
#include "mainloop.h"
|
|
#include "print.h"
|
|
#include "settings.h"
|
|
#include "variables.h"
|
|
|
|
#ifdef MULTIBYTE
|
|
#include "mb/pg_wchar.h"
|
|
#else
|
|
/* XXX Grand unified hard-coded badness; this should go into libpq */
|
|
#define pg_encoding_to_char(x) "SQL_ASCII"
|
|
#endif
|
|
|
|
/*
|
|
* Global psql options
|
|
*/
|
|
PsqlSettings pset;
|
|
|
|
|
|
/*
|
|
* Structures to pass information between the option parsing routine
|
|
* and the main function
|
|
*/
|
|
enum _actions
|
|
{
|
|
ACT_NOTHING = 0,
|
|
ACT_SINGLE_SLASH,
|
|
ACT_LIST_DB,
|
|
ACT_SINGLE_QUERY,
|
|
ACT_FILE
|
|
};
|
|
|
|
struct adhoc_opts
|
|
{
|
|
char *dbname;
|
|
char *host;
|
|
char *port;
|
|
char *username;
|
|
enum _actions action;
|
|
char *action_string;
|
|
bool no_readline;
|
|
bool no_psqlrc;
|
|
};
|
|
|
|
static void
|
|
parse_psql_options(int argc, char *argv[], struct adhoc_opts * options);
|
|
|
|
static void
|
|
process_psqlrc(void);
|
|
|
|
static void
|
|
showVersion(void);
|
|
|
|
#ifdef USE_SSL
|
|
static void
|
|
printSSLInfo(void);
|
|
#endif
|
|
|
|
|
|
/*
|
|
*
|
|
* main
|
|
*
|
|
*/
|
|
int
|
|
main(int argc, char *argv[])
|
|
{
|
|
struct adhoc_opts options;
|
|
int successResult;
|
|
|
|
char *username = NULL;
|
|
char *password = NULL;
|
|
bool need_pass;
|
|
|
|
#ifdef ENABLE_NLS
|
|
setlocale(LC_ALL, "");
|
|
bindtextdomain("psql", LOCALEDIR);
|
|
textdomain("psql");
|
|
#endif
|
|
|
|
if (!strrchr(argv[0], '/'))
|
|
pset.progname = argv[0];
|
|
else
|
|
pset.progname = strrchr(argv[0], '/') + 1;
|
|
|
|
if (argc > 1)
|
|
{
|
|
if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
|
|
{
|
|
usage();
|
|
exit(EXIT_SUCCESS);
|
|
}
|
|
if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0)
|
|
{
|
|
showVersion();
|
|
exit(EXIT_SUCCESS);
|
|
}
|
|
}
|
|
|
|
pset.cur_cmd_source = stdin;
|
|
pset.cur_cmd_interactive = false;
|
|
pset.encoding = PQenv2encoding();
|
|
|
|
pset.vars = CreateVariableSpace();
|
|
if (!pset.vars)
|
|
{
|
|
fprintf(stderr, gettext("%s: out of memory\n"), pset.progname);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
pset.popt.topt.format = PRINT_ALIGNED;
|
|
pset.queryFout = stdout;
|
|
pset.popt.topt.border = 1;
|
|
pset.popt.topt.pager = true;
|
|
pset.popt.default_footer = true;
|
|
|
|
SetVariable(pset.vars, "VERSION", PG_VERSION_STR);
|
|
|
|
pset.notty = (!isatty(fileno(stdin)) || !isatty(fileno(stdout)));
|
|
|
|
/* This is obsolete and should be removed sometime. */
|
|
#ifdef PSQL_ALWAYS_GET_PASSWORDS
|
|
pset.getPassword = true;
|
|
#else
|
|
pset.getPassword = false;
|
|
#endif
|
|
|
|
parse_psql_options(argc, argv, &options);
|
|
|
|
if (!pset.popt.topt.fieldSep)
|
|
pset.popt.topt.fieldSep = xstrdup(DEFAULT_FIELD_SEP);
|
|
if (!pset.popt.topt.recordSep)
|
|
pset.popt.topt.recordSep = xstrdup(DEFAULT_RECORD_SEP);
|
|
|
|
if (options.username)
|
|
{
|
|
/*
|
|
* The \001 is a hack to support the deprecated -u option which
|
|
* issues a username prompt. The recommended option is -U followed
|
|
* by the name on the command line.
|
|
*/
|
|
if (strcmp(options.username, "\001") == 0)
|
|
username = simple_prompt("User name: ", 100, true);
|
|
else
|
|
username = strdup(options.username);
|
|
}
|
|
|
|
if (pset.getPassword)
|
|
password = simple_prompt("Password: ", 100, false);
|
|
|
|
/* loop until we have a password if requested by backend */
|
|
do
|
|
{
|
|
need_pass = false;
|
|
pset.db = PQsetdbLogin(options.host, options.port, NULL, NULL,
|
|
options.action == ACT_LIST_DB ? "template1" : options.dbname,
|
|
username, password);
|
|
|
|
if (PQstatus(pset.db) == CONNECTION_BAD &&
|
|
strcmp(PQerrorMessage(pset.db), "fe_sendauth: no password supplied\n") == 0 &&
|
|
!feof(stdin))
|
|
{
|
|
PQfinish(pset.db);
|
|
need_pass = true;
|
|
free(password);
|
|
password = NULL;
|
|
password = simple_prompt("Password: ", 100, false);
|
|
}
|
|
} while (need_pass);
|
|
|
|
free(username);
|
|
free(password);
|
|
|
|
if (PQstatus(pset.db) == CONNECTION_BAD)
|
|
{
|
|
fprintf(stderr, "%s: %s", pset.progname, PQerrorMessage(pset.db));
|
|
PQfinish(pset.db);
|
|
exit(EXIT_BADCONN);
|
|
}
|
|
|
|
PQsetNoticeProcessor(pset.db, NoticeProcessor, NULL);
|
|
|
|
/*
|
|
* We need to save the encoding because we want to have it available
|
|
* even if the database connection goes bad.
|
|
*/
|
|
pset.encoding = PQclientEncoding(pset.db);
|
|
|
|
if (options.action == ACT_LIST_DB)
|
|
{
|
|
int success = listAllDbs(false);
|
|
|
|
PQfinish(pset.db);
|
|
exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
|
|
}
|
|
|
|
SetVariable(pset.vars, "DBNAME", PQdb(pset.db));
|
|
SetVariable(pset.vars, "USER", PQuser(pset.db));
|
|
SetVariable(pset.vars, "HOST", PQhost(pset.db));
|
|
SetVariable(pset.vars, "PORT", PQport(pset.db));
|
|
SetVariable(pset.vars, "ENCODING", pg_encoding_to_char(pset.encoding));
|
|
|
|
/*
|
|
* Now find something to do
|
|
*/
|
|
|
|
/*
|
|
* process file given by -f
|
|
*/
|
|
if (options.action == ACT_FILE && strcmp(options.action_string, "-") != 0)
|
|
{
|
|
if (!options.no_psqlrc)
|
|
process_psqlrc();
|
|
|
|
successResult = process_file(options.action_string);
|
|
}
|
|
|
|
/*
|
|
* process slash command if one was given to -c
|
|
*/
|
|
else if (options.action == ACT_SINGLE_SLASH)
|
|
{
|
|
const char *value;
|
|
|
|
if ((value = GetVariable(pset.vars, "ECHO")) && strcmp(value, "all") == 0)
|
|
puts(options.action_string);
|
|
successResult = HandleSlashCmds(options.action_string, NULL, NULL, NULL) != CMD_ERROR
|
|
? EXIT_SUCCESS : EXIT_FAILURE;
|
|
}
|
|
|
|
/*
|
|
* If the query given to -c was a normal one, send it
|
|
*/
|
|
else if (options.action == ACT_SINGLE_QUERY)
|
|
{
|
|
const char *value;
|
|
|
|
if ((value = GetVariable(pset.vars, "ECHO")) && strcmp(value, "all") == 0)
|
|
puts(options.action_string);
|
|
successResult = SendQuery(options.action_string)
|
|
? EXIT_SUCCESS : EXIT_FAILURE;
|
|
}
|
|
|
|
/*
|
|
* or otherwise enter interactive main loop
|
|
*/
|
|
else
|
|
{
|
|
pset.issuper = test_superuser(PQuser(pset.db));
|
|
if (!QUIET() && !pset.notty)
|
|
{
|
|
printf(gettext("Welcome to %s, the PostgreSQL interactive terminal.\n\n"
|
|
"Type: \\copyright for distribution terms\n"
|
|
" \\h for help with SQL commands\n"
|
|
" \\? for help on internal slash commands\n"
|
|
" \\g or terminate with semicolon to execute query\n"
|
|
" \\q to quit\n\n"),
|
|
pset.progname);
|
|
#ifdef USE_SSL
|
|
printSSLInfo();
|
|
#endif
|
|
}
|
|
|
|
SetVariable(pset.vars, "PROMPT1", DEFAULT_PROMPT1);
|
|
SetVariable(pset.vars, "PROMPT2", DEFAULT_PROMPT2);
|
|
SetVariable(pset.vars, "PROMPT3", DEFAULT_PROMPT3);
|
|
if (!options.no_psqlrc)
|
|
process_psqlrc();
|
|
if (!pset.notty)
|
|
initializeInput(options.no_readline ? 0 : 1);
|
|
if (options.action_string) /* -f - was used */
|
|
pset.inputfile = "<stdin>";
|
|
successResult = MainLoop(stdin);
|
|
}
|
|
|
|
/* clean up */
|
|
PQfinish(pset.db);
|
|
setQFout(NULL);
|
|
|
|
return successResult;
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
* Parse command line options
|
|
*/
|
|
|
|
#ifdef WIN32
|
|
/* getopt is not in the standard includes on Win32 */
|
|
int getopt(int, char *const[], const char *);
|
|
|
|
/* And it requires progname to be set */
|
|
char *__progname = "psql";
|
|
#endif
|
|
|
|
static void
|
|
parse_psql_options(int argc, char *argv[], struct adhoc_opts * options)
|
|
{
|
|
#ifdef HAVE_GETOPT_LONG
|
|
static struct option long_options[] =
|
|
{
|
|
{"echo-all", no_argument, NULL, 'a'},
|
|
{"no-align", no_argument, NULL, 'A'},
|
|
{"command", required_argument, NULL, 'c'},
|
|
{"dbname", required_argument, NULL, 'd'},
|
|
{"echo-queries", no_argument, NULL, 'e'},
|
|
{"echo-hidden", no_argument, NULL, 'E'},
|
|
{"file", required_argument, NULL, 'f'},
|
|
{"field-separator", required_argument, NULL, 'F'},
|
|
{"host", required_argument, NULL, 'h'},
|
|
{"html", no_argument, NULL, 'H'},
|
|
{"list", no_argument, NULL, 'l'},
|
|
{"no-readline", no_argument, NULL, 'n'},
|
|
{"output", required_argument, NULL, 'o'},
|
|
{"port", required_argument, NULL, 'p'},
|
|
{"pset", required_argument, NULL, 'P'},
|
|
{"quiet", no_argument, NULL, 'q'},
|
|
{"record-separator", required_argument, NULL, 'R'},
|
|
{"single-step", no_argument, NULL, 's'},
|
|
{"single-line", no_argument, NULL, 'S'},
|
|
{"tuples-only", no_argument, NULL, 't'},
|
|
{"table-attr", required_argument, NULL, 'T'},
|
|
{"username", required_argument, NULL, 'U'},
|
|
{"set", required_argument, NULL, 'v'},
|
|
{"variable", required_argument, NULL, 'v'},
|
|
{"version", no_argument, NULL, 'V'},
|
|
{"password", no_argument, NULL, 'W'},
|
|
{"expanded", no_argument, NULL, 'x'},
|
|
{"no-psqlrc", no_argument, NULL, 'X'},
|
|
{"help", no_argument, NULL, '?'},
|
|
{NULL, 0, NULL, 0}
|
|
};
|
|
|
|
int optindex;
|
|
#endif /* HAVE_GETOPT_LONG */
|
|
|
|
extern char *optarg;
|
|
extern int optind;
|
|
int c;
|
|
bool used_old_u_option = false;
|
|
|
|
memset(options, 0, sizeof *options);
|
|
|
|
#ifdef HAVE_GETOPT_LONG
|
|
while ((c = getopt_long(argc, argv, "aAc:d:eEf:F:h:Hlno:p:P:qR:sStT:uU:v:VWxX?", long_options, &optindex)) != -1)
|
|
#else /* not HAVE_GETOPT_LONG */
|
|
|
|
/*
|
|
* Be sure to leave the '-' in here, so we can catch accidental long
|
|
* options.
|
|
*/
|
|
while ((c = getopt(argc, argv, "aAc:d:eEf:F:h:Hlno:p:P:qR:sStT:uU:v:VWxX?-")) != -1)
|
|
#endif /* not HAVE_GETOPT_LONG */
|
|
{
|
|
switch (c)
|
|
{
|
|
case 'a':
|
|
SetVariable(pset.vars, "ECHO", "all");
|
|
break;
|
|
case 'A':
|
|
pset.popt.topt.format = PRINT_UNALIGNED;
|
|
break;
|
|
case 'c':
|
|
options->action_string = optarg;
|
|
if (optarg[0] == '\\')
|
|
{
|
|
options->action = ACT_SINGLE_SLASH;
|
|
options->action_string++;
|
|
}
|
|
else
|
|
options->action = ACT_SINGLE_QUERY;
|
|
break;
|
|
case 'd':
|
|
options->dbname = optarg;
|
|
break;
|
|
case 'e':
|
|
SetVariable(pset.vars, "ECHO", "queries");
|
|
break;
|
|
case 'E':
|
|
SetVariableBool(pset.vars, "ECHO_HIDDEN");
|
|
break;
|
|
case 'f':
|
|
options->action = ACT_FILE;
|
|
options->action_string = optarg;
|
|
break;
|
|
case 'F':
|
|
pset.popt.topt.fieldSep = xstrdup(optarg);
|
|
break;
|
|
case 'h':
|
|
options->host = optarg;
|
|
break;
|
|
case 'H':
|
|
pset.popt.topt.format = PRINT_HTML;
|
|
break;
|
|
case 'l':
|
|
options->action = ACT_LIST_DB;
|
|
break;
|
|
case 'n':
|
|
options->no_readline = true;
|
|
break;
|
|
case 'o':
|
|
setQFout(optarg);
|
|
break;
|
|
case 'p':
|
|
options->port = optarg;
|
|
break;
|
|
case 'P':
|
|
{
|
|
char *value;
|
|
char *equal_loc;
|
|
bool result;
|
|
|
|
value = xstrdup(optarg);
|
|
equal_loc = strchr(value, '=');
|
|
if (!equal_loc)
|
|
result = do_pset(value, NULL, &pset.popt, true);
|
|
else
|
|
{
|
|
*equal_loc = '\0';
|
|
result = do_pset(value, equal_loc + 1, &pset.popt, true);
|
|
}
|
|
|
|
if (!result)
|
|
{
|
|
fprintf(stderr, gettext("%s: couldn't set printing parameter %s\n"), pset.progname, value);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
|
|
free(value);
|
|
break;
|
|
}
|
|
case 'q':
|
|
SetVariableBool(pset.vars, "QUIET");
|
|
break;
|
|
case 'R':
|
|
pset.popt.topt.recordSep = xstrdup(optarg);
|
|
break;
|
|
case 's':
|
|
SetVariableBool(pset.vars, "SINGLESTEP");
|
|
break;
|
|
case 'S':
|
|
SetVariableBool(pset.vars, "SINGLELINE");
|
|
break;
|
|
case 't':
|
|
pset.popt.topt.tuples_only = true;
|
|
break;
|
|
case 'T':
|
|
pset.popt.topt.tableAttr = xstrdup(optarg);
|
|
break;
|
|
case 'u':
|
|
pset.getPassword = true;
|
|
options->username = "\001"; /* hopefully nobody has
|
|
* that username */
|
|
/* this option is out */
|
|
used_old_u_option = true;
|
|
break;
|
|
case 'U':
|
|
options->username = optarg;
|
|
break;
|
|
case 'v':
|
|
{
|
|
char *value;
|
|
char *equal_loc;
|
|
|
|
value = xstrdup(optarg);
|
|
equal_loc = strchr(value, '=');
|
|
if (!equal_loc)
|
|
{
|
|
if (!DeleteVariable(pset.vars, value))
|
|
{
|
|
fprintf(stderr, gettext("%s: could not delete variable %s\n"),
|
|
pset.progname, value);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
*equal_loc = '\0';
|
|
if (!SetVariable(pset.vars, value, equal_loc + 1))
|
|
{
|
|
fprintf(stderr, gettext("%s: could not set variable %s\n"),
|
|
pset.progname, value);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
}
|
|
|
|
free(value);
|
|
break;
|
|
}
|
|
case 'V':
|
|
showVersion();
|
|
exit(EXIT_SUCCESS);
|
|
case 'W':
|
|
pset.getPassword = true;
|
|
break;
|
|
case 'x':
|
|
pset.popt.topt.expanded = true;
|
|
break;
|
|
case 'X':
|
|
options->no_psqlrc = true;
|
|
break;
|
|
case '?':
|
|
/* Actual help option given */
|
|
if (strcmp(argv[optind - 1], "-?") == 0 || strcmp(argv[optind - 1], "--help") == 0)
|
|
{
|
|
usage();
|
|
exit(EXIT_SUCCESS);
|
|
}
|
|
/* unknown option reported by getopt */
|
|
else
|
|
{
|
|
fprintf(stderr, gettext("Try '%s --help' for more information.\n"),
|
|
pset.progname);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
break;
|
|
#ifndef HAVE_GETOPT_LONG
|
|
case '-':
|
|
fprintf(stderr,
|
|
gettext("%s was compiled without support for long options.\n"
|
|
"Use --help for help on invocation options.\n"),
|
|
pset.progname);
|
|
exit(EXIT_FAILURE);
|
|
break;
|
|
#endif
|
|
default:
|
|
fprintf(stderr, gettext("Try '%s --help' for more information.\n"),
|
|
pset.progname);
|
|
exit(EXIT_FAILURE);
|
|
break;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* if we still have arguments, use it as the database name and
|
|
* username
|
|
*/
|
|
while (argc - optind >= 1)
|
|
{
|
|
if (!options->dbname)
|
|
options->dbname = argv[optind];
|
|
else if (!options->username)
|
|
options->username = argv[optind];
|
|
else if (!QUIET())
|
|
fprintf(stderr, gettext("%s: warning: extra option %s ignored\n"),
|
|
pset.progname, argv[optind]);
|
|
|
|
optind++;
|
|
}
|
|
|
|
if (used_old_u_option && !QUIET())
|
|
fprintf(stderr, gettext("%s: Warning: The -u option is deprecated. Use -U.\n"), pset.progname);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
* Load .psqlrc file, if found.
|
|
*/
|
|
static void
|
|
process_psqlrc(void)
|
|
{
|
|
char *psqlrc;
|
|
char *home;
|
|
|
|
#ifdef WIN32
|
|
#define R_OK 0
|
|
#endif
|
|
|
|
/* Look for one in the home dir */
|
|
home = getenv("HOME");
|
|
|
|
if (home)
|
|
{
|
|
psqlrc = malloc(strlen(home) + 20);
|
|
if (!psqlrc)
|
|
{
|
|
fprintf(stderr, gettext("%s: out of memory\n"), pset.progname);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
|
|
sprintf(psqlrc, "%s/.psqlrc-" PG_VERSION, home);
|
|
if (access(psqlrc, R_OK) == 0)
|
|
process_file(psqlrc);
|
|
else
|
|
{
|
|
sprintf(psqlrc, "%s/.psqlrc", home);
|
|
if (access(psqlrc, R_OK) == 0)
|
|
process_file(psqlrc);
|
|
}
|
|
free(psqlrc);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/* showVersion
|
|
*
|
|
* This output format is intended to match GNU standards.
|
|
*/
|
|
static void
|
|
showVersion(void)
|
|
{
|
|
puts("psql (PostgreSQL) " PG_VERSION);
|
|
|
|
#if defined(USE_READLINE) || defined(MULTIBYTE)
|
|
fputs(gettext("contains support for: "), stdout);
|
|
|
|
#ifdef USE_READLINE
|
|
fputs(gettext("readline"), stdout);
|
|
#define _Feature
|
|
#endif
|
|
|
|
#ifdef MULTIBYTE
|
|
#ifdef _Feature
|
|
fputs(", ", stdout);
|
|
#else
|
|
#define _Feature
|
|
#endif
|
|
fputs(gettext("multibyte"), stdout);
|
|
#endif
|
|
|
|
#undef _Feature
|
|
|
|
puts("");
|
|
#endif
|
|
|
|
puts(gettext("Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group\n"
|
|
"Portions Copyright (c) 1996, Regents of the University of California\n"
|
|
"Read the file COPYRIGHT or use the command \\copyright to see the\n"
|
|
"usage and distribution terms."));
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
* printSSLInfo
|
|
*
|
|
* Prints information about the current SSL connection, if SSL is in use
|
|
*/
|
|
#ifdef USE_SSL
|
|
static void
|
|
printSSLInfo(void)
|
|
{
|
|
int sslbits = -1;
|
|
SSL *ssl;
|
|
X509 *peer;
|
|
char sn[256];
|
|
long l;
|
|
|
|
ssl = PQgetssl(pset.db);
|
|
if (!ssl)
|
|
return; /* no SSL */
|
|
|
|
/* peer = pset.db.peer; */
|
|
if ((peer = SSL_get_peer_certificate(ssl)) != NULL)
|
|
{
|
|
X509_NAME_oneline(X509_get_subject_name(peer), sn, sizeof sn);
|
|
}
|
|
else
|
|
{
|
|
strncpy(sn, "(anonymous)", sizeof sn);
|
|
}
|
|
printf(gettext("SSL connection\n"));
|
|
printf(gettext("(host: %s)\n"), sn);
|
|
|
|
SSL_get_cipher_bits(ssl, &sslbits);
|
|
printf(gettext("(protocol: %s)\n"), SSL_get_version(ssl)),
|
|
printf(gettext("(cipher: %s, bits: %i)\n"),
|
|
SSL_get_cipher(ssl), sslbits);
|
|
l = SSL_get_default_timeout(ssl);
|
|
printf(gettext("(timeout: %ld:%02ld:%02ld)\n\n"),
|
|
l / 3600L, (l / 60L) % 60L, l % 60L);
|
|
}
|
|
|
|
#endif
|