in src/pgclient/src/interfaces/libpq/fe-connect.c [72:325]
static int ldapServiceLookup(const char *purl, PQconninfoOption *options,
PQExpBuffer errorMessage);
#endif
#include "libpq/ip.h"
#include "mb/pg_wchar.h"
#ifndef FD_CLOEXEC
#define FD_CLOEXEC 1
#endif
#ifndef WIN32
#define PGPASSFILE ".pgpass"
#else
#define PGPASSFILE "pgpass.conf"
#endif
/*
* Pre-9.0 servers will return this SQLSTATE if asked to set
* application_name in a startup packet. We hard-wire the value rather
* than looking into errcodes.h since it reflects historical behavior
* rather than that of the current code.
*/
#define ERRCODE_APPNAME_UNKNOWN "42704"
/* This is part of the protocol so just define it */
#define ERRCODE_INVALID_PASSWORD "28P01"
/* This too */
#define ERRCODE_CANNOT_CONNECT_NOW "57P03"
/*
* fall back options if they are not specified by arguments or defined
* by environment variables
*/
#define DefaultHost "localhost"
#define DefaultTty ""
#define DefaultOption ""
#define DefaultAuthtype ""
#define DefaultPassword ""
#ifdef USE_SSL
#define DefaultSSLMode "disable" /* prefer */
#else
#define DefaultSSLMode "disable"
#endif
/* ----------
* Definition of the conninfo parameters and their fallback resources.
*
* If Environment-Var and Compiled-in are specified as NULL, no
* fallback is available. If after all no value can be determined
* for an option, an error is returned.
*
* The value for the username is treated specially in conninfo_parse.
* If the Compiled-in resource is specified as a NULL value, the
* user is determined by pg_fe_getauthname().
*
* The Label and Disp-Char entries are provided for applications that
* want to use PQconndefaults() to create a generic database connection
* dialog. Disp-Char is defined as follows:
* "" Normal input field
* "*" Password field - hide value
* "D" Debug option - don't show by default
*
* PQconninfoOptions[] is a constant static array that we use to initialize
* a dynamically allocated working copy. All the "val" fields in
* PQconninfoOptions[] *must* be NULL. In a working copy, non-null "val"
* fields point to malloc'd strings that should be freed when the working
* array is freed (see PQconninfoFree).
* ----------
*/
static const PQconninfoOption PQconninfoOptions[] = {
/*
* "authtype" is no longer used, so mark it "don't show". We keep it in
* the array so as not to reject conninfo strings from old apps that might
* still try to set it.
*/
{"authtype", "PGAUTHTYPE", DefaultAuthtype, NULL,
"Database-Authtype", "D", 20},
{"service", "PGSERVICE", NULL, NULL,
"Database-Service", "", 20},
{"user", "PGUSER", NULL, NULL,
"Database-User", "", 20},
{"password", "PGPASSWORD", NULL, NULL,
"Database-Password", "*", 20},
{"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL,
"Connect-timeout", "", 10}, /* strlen(INT32_MAX) == 10 */
{"dbname", "PGDATABASE", NULL, NULL,
"Database-Name", "", 20},
{"host", "PGHOST", NULL, NULL,
"Database-Host", "", 40},
{"hostaddr", "PGHOSTADDR", NULL, NULL,
"Database-Host-IP-Address", "", 45},
{"port", "PGPORT", DEF_PGPORT_STR, NULL,
"Database-Port", "", 6},
{"client_encoding", "PGCLIENTENCODING", NULL, NULL,
"Client-Encoding", "", 10},
/*
* "tty" is no longer used either, but keep it present for backwards
* compatibility.
*/
{"tty", "PGTTY", DefaultTty, NULL,
"Backend-Debug-TTY", "D", 40},
{"options", "PGOPTIONS", DefaultOption, NULL,
"Backend-Debug-Options", "D", 40},
{"application_name", "PGAPPNAME", NULL, NULL,
"Application-Name", "", 64},
{"fallback_application_name", NULL, NULL, NULL,
"Fallback-Application-Name", "", 64},
{"keepalives", NULL, NULL, NULL,
"TCP-Keepalives", "", 1}, /* should be just '0' or '1' */
{"keepalives_idle", NULL, NULL, NULL,
"TCP-Keepalives-Idle", "", 10}, /* strlen(INT32_MAX) == 10 */
{"keepalives_interval", NULL, NULL, NULL,
"TCP-Keepalives-Interval", "", 10}, /* strlen(INT32_MAX) == 10 */
{"keepalives_count", NULL, NULL, NULL,
"TCP-Keepalives-Count", "", 10}, /* strlen(INT32_MAX) == 10 */
#ifdef USE_SSL
/*
* "requiressl" is deprecated, its purpose having been taken over by
* "sslmode". It remains for backwards compatibility.
*/
{"requiressl", "PGREQUIRESSL", "0", NULL,
"Require-SSL", "D", 1},
#endif
/*
* ssl options are allowed even without client SSL support because the
* client can still handle SSL modes "disable" and "allow". Other
* parameters have no effect on non-SSL connections, so there is no reason
* to exclude them since none of them are mandatory.
*/
{"sslmode", "PGSSLMODE", DefaultSSLMode, NULL,
"SSL-Mode", "", 8}, /* sizeof("disable") == 8 */
{"sslcert", "PGSSLCERT", NULL, NULL,
"SSL-Client-Cert", "", 64},
{"compression", "PGCOMPRESSION", "off", NULL,
"Libpq-compression", "", 16},
{"sslkey", "PGSSLKEY", NULL, NULL,
"SSL-Client-Key", "", 64},
{"sslrootcert", "PGSSLROOTCERT", NULL, NULL,
"SSL-Root-Certificate", "", 64},
{"ssldefaultrootcert", NULL, NULL, NULL,
"SSL-Default-Root-Certificate", "", 64},
{"sslcrl", "PGSSLCRL", NULL, NULL,
"SSL-Revocation-List", "", 64},
{"requirepeer", "PGREQUIREPEER", NULL, NULL,
"Require-Peer", "", 10},
#if defined(KRB5) || defined(ENABLE_GSS) || defined(ENABLE_SSPI)
/* Kerberos and GSSAPI authentication support specifying the service name */
{"krbsrvname", "PGKRBSRVNAME", PG_KRB_SRVNAM, NULL,
"Kerberos-service-name", "", 20},
#endif
#if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
/*
* GSSAPI and SSPI both enabled, give a way to override which is used by
* default
*/
{"gsslib", "PGGSSLIB", NULL, NULL,
"GSS-library", "", 7}, /* sizeof("gssapi") = 7 */
#endif
{"replication", NULL, NULL, NULL,
"Replication", "D", 5},
{"CscEnable", NULL, NULL, NULL,
"CscEnable", "", 10},
{"CscMaxFileSize", NULL, NULL, NULL,
"CscMaxFileSize", "", 10},
{"CscPath", NULL, NULL, NULL,
"CscPath", "", 64},
{"CscThreshold", NULL, NULL, NULL,
"CscThreshold", "", 10},
{"StreamingCursorRows", NULL, NULL, NULL,
"StreamingCursorRows", "", 10},
{ "client_protocol_version", NULL, NULL, NULL,
"Extended-Redshift-Protocol-Version", "", 60 },
{ "driver_version", NULL, NULL, NULL,
"Driver-Version", "", 64 },
{ "os_version", NULL, NULL, NULL,
"OS-Version", "", 64 },
{ "plugin_name", NULL, NULL, NULL,
"Backend-Debug-Plugin-Name", "", 64 },
{ "proxy_host", NULL, NULL, NULL,
"Proxy-host", "", 40 },
{ "proxy_port", NULL, NULL, NULL,
"Proxy-port", "", 40 },
{ "proxy_auth_type", NULL, NULL, NULL,
"Proxy-auth-type", "", 40 },
{ "proxy_user", NULL, NULL, NULL,
"Proxy-user", "", 40 },
{ "proxy_credentials", NULL, NULL, NULL,
"Proxy-credentials", "", 40 },
{ "min_tls", NULL, NULL, NULL,
"Minimum TLS", "", 10 }, /* default is 1.1 */
{"idp_type", NULL, NULL, NULL,
"Redshift Native Auth IDP Type", "", 64},
{"token_type", NULL, NULL, NULL,
"Redshift IdC Auth Token Type", "", 20},
{"identity_namespace", NULL, NULL, NULL,
"Redshift IdC Auth Identity Namespace", "", 64},
{"provider_name", NULL, NULL, NULL,
"Redshift Native Auth Provider Name", "", 64},
{"web_identity_token", NULL, NULL, NULL,
"Redshift Native Auth Token", "", 64},
/* Terminating entry --- MUST BE LAST */
{NULL, NULL, NULL, NULL,
NULL, NULL, 0}
};