Обсуждение: Re: [BUGS] More SSL questions..
Magnus Hagander said:
> So, a quick implementation (not tested, but shouldn't be too hard) of
> your functino would be:
> static bool pqGetHomeDirectory(char *buf, int bufsize)
> {
> char tmppath[MAX_PATH+16]; /* Add 16 chars for "/.postgresql/"
> */
> ZeroMemory(tmppath,sizeof(tmppath));
> if (!SHGetSpecialFolderPath(NULL, tmppath, CSIDL_APPDATA,
> FALSE)) {
> return FALSE;
> strcat(tmppath,"/.postgresql/");
> if (strlen(tmppath) > bufsize)
> return FALSE; /* Better than returning a chopped-off
> path */
> strcpy(buf, tmppath);
> return TRUE;
> }
>
> You're going to have to add #include <shlobj.h> to the file as well.
>
Excellent. I would suggest that we allow an environment variable PGHOME to
override this on all platforms, falling back to the above on Windows and
HOME elsewhere.
cheers
andrew
"Andrew Dunstan" <andrew@dunslane.net> writes:
> Excellent. I would suggest that we allow an environment variable PGHOME to
> override this on all platforms, falling back to the above on Windows and
> HOME elsewhere.
Given that this code is mainly used to find security-critical files
(.pgpass and SSL certificates), I'm not sure that an override is a good
idea. I'm not dead set against it though --- any other opinions out
there?
Also, how do we document this behavior on Windows? The libpq docs
currently talk about, eg,
the connection in <filename>$HOME/.pgpass</> (or
<filename>%USERPROFILE%\.pgpass</> on Microsoft Windows).
but I'm not sure that's accurate or useful. Is there a phrase
comparable to "home directory" that will be understood by Windows
users? I'm thinking of writing "~/.pgpass" for the Unix case to
avoid giving the impression that we depend on getenv("HOME"),
because we won't anymore.
regards, tom lane
Tom Lane wrote: >"Andrew Dunstan" <andrew@dunslane.net> writes: > > >>Excellent. I would suggest that we allow an environment variable PGHOME to >>override this on all platforms, falling back to the above on Windows and >>HOME elsewhere. >> >> > >Given that this code is mainly used to find security-critical files >(.pgpass and SSL certificates), I'm not sure that an override is a good >idea. I'm not dead set against it though --- any other opinions out >there? > > > > If that's a valid concern (and it might well be) then we shouldn't rely on any environment variable, including HOME - on Unix at least one could use getpwent() and friends. cheers andrew