On Fri, Jul 27, 2018 at 11:38 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > I noticed that there's some strange coding in libpq's choice of > what hostname to use for searching ~/.pgpass for a password. > Historically (pre-v10), it just used the pghost parameter: > > conn->pgpass = PasswordFromFile(conn->pghost, conn->pgport, > conn->dbName, conn->pguser); > > no ifs, ands, or buts, except for the fact that PasswordFromFile > replaces its hostname parameter with "localhost" if it's null or > matches the default socket directory. This is per the documentation > (see sections 34.1.2 and 34.15). > > Since v10 we've got this: > > char *pwhost = conn->connhost[i].host; > > if (conn->connhost[i].type == CHT_HOST_ADDRESS && > conn->connhost[i].host != NULL && > conn->connhost[i].host[0] != '\0') > pwhost = conn->connhost[i].hostaddr; > > conn->connhost[i].password = > passwordFromFile(pwhost, > conn->connhost[i].port, > conn->dbName, > conn->pguser, > conn->pgpassfile); > > Now that's just bizarre on its face: take hostaddr if it's specified, > but only if host is also specified? And it certainly doesn't match > the documentation.
Yeah, that's bad code. The intent was that if you set host=a,b you probably want to use either 'a' or 'b' as the thing to look up in .pgpass, not 'a,b', but the implementation leaves something to be desired. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
