| From: | Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com> |
|---|---|
| To: | Prasad <prasad(dot)s(at)mail(dot)com> |
| Cc: | Dave Page <dpage(at)pgadmin(dot)org>, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: Patch : PGPASSFILE fix |
| Date: | 2015-03-11 07:42:14 |
| Message-ID: | CAG7mmowOm4shOUYpJe2E8Y_Kde2zTBctZ1FS=0V+BPb-f38Kkw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
On Wed, Mar 11, 2015 at 1:06 PM, Prasad <prasad(dot)s(at)mail(dot)com> wrote:
> I think, we need to agree what exactly solution should be. About creating
> parent directories.It's going to complicate solution, path can be of any
> depth. i.e. /a/b/c/d/e/.pgpass, and none of these folders could present.
> Are we going to keep on creating all folders ?
>
Agree - it's going to be complicated.
Dave?
>
> regards,
> Prasad
>
>
>
> Sent: Tuesday, March 10, 2015 at 7:09 AM
> From: "Ashesh Vashi" <ashesh(dot)vashi(at)enterprisedb(dot)com>ut
> To: Prasad <prasad(dot)s(at)mail(dot)com>
> Cc: "Dave Page" <dpage(at)pgadmin(dot)org>, pgadmin-hackers <
> pgadmin-hackers(at)postgresql(dot)org>
> Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix
>
> Hi Prasad,
>
> On Thu, Mar 5, 2015 at 4:20 AM, Prasad <prasad(dot)s(at)mail(dot)com> wrote:
>
> Hi,
>
> As mentioned in my earlier communication code calling this function is
> checking for file existence. So if we decide to add code for creation of
> full path, then similar code has to be removed from location of call to
> this function. Otherwise, it will end up with multiple error messages. It's
> wxWidget's wxFile that throws error.
>
> So, I've created two patches, and we can go with one of them.
> 1. Let GetConfigFile function just read value from PGPASSFILE and return
> as it is as like, similar to way it creates default path(It doesn't create
> file in case of default path as well). And calling functions are taking
> care of path validation and error messages.
> This won't work.
> We should create the file, if it does not exists (and, the path).2. Let
> GetConfigFile function read value from PGPASSFILE and create file path ,it
> will show error message in case it can't. In this case calling code only
> should check existence of file before going ahead, and not try to create or
> read file, otherwise , user will end up with multiple message boxes with
> same error.
> The patch, you shared, do not create the path (parent directories) for the
> PGPASSFILE (if it does not exists).
> You're only creating the file, which is not right.
>
> NOTE:
> Please do not mix tabs and spaces in your patch.
> I am still not able to apply the patch using 'git apply' utility.
>
>
> --
> Thanks & Regards,
>
> Ashesh Vashi
> EnterpriseDB INDIA: Enterprise PostgreSQL Company[
> http://www.enterprisedb.com]
>
>
> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]
> regards,
> Prasad
>
>
>
>
>
> Sent: Wednesday, March 04, 2015 at 11:35 AM
> From: "Ashesh Vashi" <ashesh(dot)vashi(at)enterprisedb(dot)com[
> ashesh(dot)vashi(at)enterprisedb(dot)com]>, func
> To: "Dave Page" <dpage(at)pgadmin(dot)org[dpage@pgadmin.org]>
> Cc: Prasad <prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail.com]>, pgadmin-hackers <
> pgadmin-hackers(at)postgresql(dot)org[pgadmin-hackers@postgresql.org]>
> Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix
>
> On Wed, Mar 4, 2015 at 4:40 PM, Dave Page <dpage(at)pgadmin(dot)org[
> dpage(at)pgadmin(dot)org]> wrote:
>
>
>
> On Wed, Mar 4, 2015 at 11:06 AM, Ashesh Vashi <
> ashesh(dot)vashi(at)enterprisedb(dot)com[ashesh(dot)vashi@enterprisedb.com][
> ashesh(dot)vashi(at)enterprisedb(dot)com[ashesh(dot)vashi@enterprisedb.com]]> wrote:
> On Wed, Mar 4, 2015 at 4:09 PM, Dave Page <dpage(at)pgadmin(dot)org[
> dpage(at)pgadmin(dot)org][dpage@pgadmin(dot)org[dpage(at)pgadmin(dot)org]]> wrote:
>
> I think we should try to create the full path if necessary, and simply
> throw an error if we can't.
> And, I think - we should switch back to default pgpass configuration file.
>
> No, because that's a security risk (writing the password to a file that
> wasn't what the user intended).
> Agree.
>
> --
> Thanks & Regards,
>
> Ashesh Vashi
> EnterpriseDB INDIA: Enterprise PostgreSQL Company[
> http://www.enterprisedb.com[http://www.enterprisedb.com]]
>
>
> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]]
>
>
>
>
> --
> Thanks & Regards,
>
> Ashesh Vashi
> EnterpriseDB INDIA: Enterprise PostgreSQL Company[
> http://www.enterprisedb.com[http://www.enterprisedb.com]]
>
>
> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]]
>
> On Wed, Mar 4, 2015 at 10:01 AM, Prasad <prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com][prasad(dot)s@mail(dot)com[prasad(dot)s(at)mail(dot)com]]> wrote:
> > Alright , I'll revert to PGPASS check.
> > Existing function only creates folder containing file. With this case,
> whats expected ? Reading value in PGPASSFILE and try to create folder
> containing pgpass file (Assuming it's valid path)? Remember, it's
> environment variable. User can specify anything in there. Some garbage
> value as well. If we don't do any validation there, user will automatically
> see error with complain about file ?
> >
> > thanks and regards,
> > Prasad
> >
> >
> > Sent: Wednesday, March 04, 2015 at 7:48 AM
> > From: "Ashesh Vashi" <ashesh(dot)vashi(at)enterprisedb(dot)com[
> ashesh(dot)vashi(at)enterprisedb(dot)com][ashesh(dot)vashi@enterprisedb.com[
> ashesh(dot)vashi(at)enterprisedb(dot)com]]>
> > To: Prasad <prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail(dot)com][prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com]]>
> > Cc: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]]>
> > Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix
> >
> > On Wed, Mar 4, 2015 at 8:44 AM, Prasad <prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com][prasad(dot)s@mail(dot)com[prasad(dot)s(at)mail(dot)com]]> wrote:
> >
> > Ashesh,
> >
> > Thanks for reviewing patch,
> > Code I have removed in I think, was switch statement inside if
> condition, which doesn't make sense.
> > ie.
> > if (var == 2)
> > {
> > switch (var)
> > case 2:
> > .....
> > break;
> > }
> >
> > that's why I removed it, because it's redundant.
> > Agree about redundancy, but you've also removed the code for checking
> the PGPASS check at the start of the function.
> > i.e.
> > @@ -762,35 +762,33 @@ void sysSettings::SetCanonicalLanguage(const
> wxLanguage &lang)
> >
> //////////////////////////////////////////////////////////////////////////
> > wxString sysSettings::GetConfigFile(configFileName cfgname)
> > {
> > - if (cfgname == PGPASS)
> > - {
> >
> > I am not agree with that.
> > About creation of directory, I'm not sure if this validation is
> required. Existing code creates directory postgresql (only on windows)
> according to
> http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html[http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5Bhttp://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5D][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html[http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html][http://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5Bhttp://www.postgresql.org/docs/9.3/static/libpq-pgpass.html%5D]]
> , and it doesn't create file. I'm not sure whether this kind of validation
> is expected in this function.
> > I think - it is.
> > Because - it could be used to save the updated password in the PGPASS
> file.
> >
> > -- Ashesh
> > regards,
> > Prasad
> >
> > Sent: Wednesday, March 04, 2015 at 7:15 AM
> > From: "Ashesh Vashi" <ashesh(dot)vashi(at)enterprisedb(dot)com[
> ashesh(dot)vashi(at)enterprisedb(dot)com][ashesh(dot)vashi@enterprisedb.com[
> ashesh(dot)vashi(at)enterprisedb(dot)com]][ashesh(dot)vashi@enterprisedb.com[
> ashesh(dot)vashi(at)enterprisedb(dot)com][ashesh(dot)vashi@enterprisedb.com[
> ashesh(dot)vashi(at)enterprisedb(dot)com]]]>
> > To: Prasad <prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail(dot)com][prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com]][prasad(dot)s@mail(dot)com[prasad(dot)s(at)mail(dot)com][prasad(dot)s@mail.com
> [prasad(dot)s(at)mail(dot)com]]]>
> > Cc: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]]]>
> > Subject: Re: [pgadmin-hackers] Patch : PGPASSFILE fix
> >
> > Hi Prasad,
> > I see couple of issues with your patch.* Please generate the patch
> using 'git diff'.
> > I could not apply your patch straight forwardly.
> > I had to use the patch utility.
> > * Please follow the coding style of pgAdmin.
> > You can find it at
> https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals%23Coding_Style.*]][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*][https://wiki.postgresql.org/wiki/PgAdmin_Internals#Coding_Style.*[https://wiki.postgresql.org/wiki/PgAdmin_Internals%23Coding_Style.*]]]
> Do not remove any of the existing code.
> > It has been kept there keeping in mind about future development
> extending support of the existing functionality.
> > You've removed couple of lines in the sysSettings::GetConfigFile(...)
> function, which is not good.
> >
> > In your code:* Checked only for PGPASSFILE environment variable.
> > * Need to check the existence of the file.
> > * Take required actions (if that file/parent directory does not exists).
> > i.e. Create parent directory
> >
> >
> >
> > --
> > Thanks & Regards,
> >
> > Ashesh Vashi
> > EnterpriseDB INDIA: Enterprise PostgreSQL Company[
> http://www.enterprisedb.com[http://www.enterprisedb.com][
> http://www.enterprisedb.com[http://www.enterprisedb.com]][
> http://www.enterprisedb.com[http://www.enterprisedb.com][
> http://www.enterprisedb.com[http://www.enterprisedb.com]]]]
> >
> >
> http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]][http://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5Bhttp://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5D][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi][http://www.linkedin.com/in/asheshvashi[http://www.linkedin.com/in/asheshvashi]][http://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5Bhttp://www.linkedin.com/in/asheshvashi%5Bhttp://www.linkedin.com/in/asheshvashi%5D%5D]]
> >
> > On Sun, Mar 1, 2015 at 11:08 PM, Prasad <prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com][prasad(dot)s@mail(dot)com[prasad(dot)s(at)mail(dot)com]][prasad(dot)s@mail.com
> [prasad(dot)s(at)mail(dot)com][prasad(dot)s@mail(dot)com[prasad(dot)s(at)mail(dot)com]]][
> prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail(dot)com][prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail.com
> ]][prasad(dot)s(at)mail(dot)com[prasad(dot)s@mail(dot)com][prasad(dot)s(at)mail(dot)com[
> prasad(dot)s(at)mail(dot)com]]]]> wrote:
> > Hi,
> >
> > Find attached fix for reading PGPASSFILE environment variable for pg
> password file.
> >
> > regards,
> > Prasad
> >
> > --
> > Sent via pgadmin-hackers mailing list (pgadmin-hackers(at)postgresql(dot)org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]]][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org][pgadmin-hackers@postgresql.org[
> pgadmin-hackers(at)postgresql(dot)org]]]])
> > To make changes to your subscription:
> >
> http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]][http://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5D][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]][http://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5Bhttp://www.postgresql.org/mailpref/pgadmin-hackers%5D%5D]]
> >
> >
> >
> > --> Sent via pgadmin-hackers mailing list (
> pgadmin-hackers(at)postgresql(dot)org[pgadmin-hackers@postgresql.org][
> pgadmin-hackers(at)postgresql(dot)org[pgadmin-hackers@postgresql.org]])
> > To make changes to your subscription:
> >
> http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers][http://www.postgresql.org/mailpref/pgadmin-hackers[http://www.postgresql.org/mailpref/pgadmin-hackers]]
>
>
>
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com[http://pgsnake.blogspot.com][
> http://pgsnake.blogspot.com[http://pgsnake.blogspot.com]]
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com[http://www.enterprisedb.com][
> http://www.enterprisedb.com[http://www.enterprisedb.com]]
> The Enterprise PostgreSQL Company
>
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com[http://pgsnake.blogspot.com][
> http://pgsnake.blogspot.com[http://pgsnake.blogspot.com]]
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com[http://www.enterprisedb.com][
> http://www.enterprisedb.com[http://www.enterprisedb.com]]
> The Enterprise PostgreSQL Company
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Guillaume Lelarge | 2015-03-11 08:28:32 | Re: TODO list |
| Previous Message | Prasad | 2015-03-11 07:40:09 | TODO list |