Re: [HACKERS] .pgpass's behavior has changed

2017-05-09 Thread Kyotaro HORIGUCHI 
At Mon, 1 May 2017 11:34:41 -0400, Robert Haas  wrote in 

> On Fri, Apr 28, 2017 at 3:54 AM, Kyotaro HORIGUCHI
>  wrote:
> > But the above also leaves a bug so I sent another patch to fix
> > it. The attched patch restores the 9.6's beavior of looking up
> > .pgpass file in the same manner to the aother patch.
> 
> Thanks for catching this.  Committed.

Thanks!

-- 
Kyotaro Horiguchi
NTT Open Source Software Center



-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] .pgpass's behavior has changed

2017-05-01 Thread Robert Haas 
On Fri, Apr 28, 2017 at 3:54 AM, Kyotaro HORIGUCHI
 wrote:
> But the above also leaves a bug so I sent another patch to fix
> it. The attched patch restores the 9.6's beavior of looking up
> .pgpass file in the same manner to the aother patch.

Thanks for catching this.  Committed.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] .pgpass's behavior has changed

2017-04-30 Thread Noah Misch 
On Fri, Apr 28, 2017 at 04:54:32PM +0900, Kyotaro HORIGUCHI wrote:
> I noticed that the precedence between host and hostaddr in a
> connection string is reversed in regard to .pgpass lookup in
> devel.
> 
> For example the following connection string uses a .pgpass entry
> with "127.0.0.1", not "hoge".
> 
> "host=hoge hostaddr=127.0.0.1 port=5432 dbname=postgres"
> 
> 
> This change was introdueced by the commit
> 274bb2b3857cc987cfa21d14775cae9b0dababa5 and the current behavior
> contradicts the documentation.
> 
> https://www.postgresql.org/docs/devel/static/libpq-connect.html
> 
> > hostaddr
> > ...
> >   Note that authentication is likely to fail if host is not the
> >   name of the server at network address hostaddr. Also, note that
> >   host rather than hostaddr is used to identify the connection in
> >   a password file (see Section 33.15, “The Password File”).
> 
> I think this should be fixed for the same reason with the
> following commit.
> 
> > commit 11003eb55658df0caf183eef69c7a97d56a4f2d7
> > Author: Robert Haas 
> > Date:   Thu Dec 1 14:36:39 2016 -0500
> > 
> > libpq: Fix inadvertent change in PQhost() behavior.
> 
> But the above also leaves a bug so I sent another patch to fix
> it. The attched patch restores the 9.6's beavior of looking up
> .pgpass file in the same manner to the aother patch.

[Action required within three days.  This is a generic notification.]

The above-described topic is currently a PostgreSQL 10 open item.  Robert,
since you committed the patch believed to have created it, you own this open
item.  If some other commit is more relevant or if this does not belong as a
v10 open item, please let us know.  Otherwise, please observe the policy on
open item ownership[1] and send a status update within three calendar days of
this message.  Include a date for your subsequent status update.  Testers may
discover new open items at any time, and I want to plan to get them all fixed
well in advance of shipping v10.  Consequently, I will appreciate your efforts
toward speedy resolution.  Thanks.

[1] 
https://www.postgresql.org/message-id/20170404140717.GA2675809%40tornado.leadboat.com


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] .pgpass's behavior has changed

2017-04-28 Thread Michael Paquier 
On Fri, Apr 28, 2017 at 4:54 PM, Kyotaro HORIGUCHI
 wrote:
> I noticed that the precedence between host and hostaddr in a
> connection string is reversed in regard to .pgpass lookup in
> devel.
>
> For example the following connection string uses a .pgpass entry
> with "127.0.0.1", not "hoge".
>
> "host=hoge hostaddr=127.0.0.1 port=5432 dbname=postgres"
>
>
> This change was introdueced by the commit
> 274bb2b3857cc987cfa21d14775cae9b0dababa5 and the current behavior
> contradicts the documentation.
>
> https://www.postgresql.org/docs/devel/static/libpq-connect.html
>
>> hostaddr
>> ...
>>   Note that authentication is likely to fail if host is not the
>>   name of the server at network address hostaddr. Also, note that
>>   host rather than hostaddr is used to identify the connection in
>>   a password file (see Section 33.15, “The Password File”).
>
> I think this should be fixed for the same reason with the
> following commit.

I am planning to look at your patch more closely, but thinking how
painful it is going to be to check your patch, I think that it would
be a good idea to have a TAP test for pgpass in
src/test/authentication/ to be sure that this never breaks again in
the future. We cannot test all combinations as servers only listen to
unix domains but surely we can get some coverage with libpq.
-- 
Michael


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] .pgpass's behavior has changed

2017-04-28 Thread Kyotaro HORIGUCHI 
Hello.

I noticed that the precedence between host and hostaddr in a
connection string is reversed in regard to .pgpass lookup in
devel.

For example the following connection string uses a .pgpass entry
with "127.0.0.1", not "hoge".

"host=hoge hostaddr=127.0.0.1 port=5432 dbname=postgres"


This change was introdueced by the commit
274bb2b3857cc987cfa21d14775cae9b0dababa5 and the current behavior
contradicts the documentation.

https://www.postgresql.org/docs/devel/static/libpq-connect.html

> hostaddr
> ...
>   Note that authentication is likely to fail if host is not the
>   name of the server at network address hostaddr. Also, note that
>   host rather than hostaddr is used to identify the connection in
>   a password file (see Section 33.15, “The Password File”).

I think this should be fixed for the same reason with the
following commit.

> commit 11003eb55658df0caf183eef69c7a97d56a4f2d7
> Author: Robert Haas 
> Date:   Thu Dec 1 14:36:39 2016 -0500
> 
> libpq: Fix inadvertent change in PQhost() behavior.

But the above also leaves a bug so I sent another patch to fix
it. The attched patch restores the 9.6's beavior of looking up
.pgpass file in the same manner to the aother patch.

regards,

-- 
Kyotaro Horiguchi
NTT Open Source Software Center
*** a/src/interfaces/libpq/fe-connect.c
--- b/src/interfaces/libpq/fe-connect.c
***
*** 978,986  connectOptions2(PGconn *conn)
  
  		for (i = 0; i < conn->nconnhost; i++)
  		{
! 			/* Try to get a password for this host from pgpassfile */
  			conn->connhost[i].password =
! passwordFromFile(conn->connhost[i].host,
   conn->connhost[i].port,
   conn->dbName,
   conn->pguser,
--- 978,995 
  
  		for (i = 0; i < conn->nconnhost; i++)
  		{
! 			/*
! 			 * Try to get a password for this host from pgpassfile. We use host
! 			 * name rather than host address in the same manner to PQhost().
! 			 */
! 			char *pwhost = conn->connhost[i].host;
! 
! 			if (conn->connhost[i].type == CHT_HOST_ADDRESS &&
! conn->pghost != NULL && conn->pghost[0] != '\0')
! pwhost = conn->pghost;
! 
  			conn->connhost[i].password =
! passwordFromFile(pwhost,
   conn->connhost[i].port,
   conn->dbName,
   conn->pguser,

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers