Re: Warning about invalid .pgpass passwords

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: Bruce Momjian <bruce@momjian.us>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Alvaro Herrera <alvherre@commandprompt.com>, Eamonn Martin <mas01em@gold.ac.uk>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2010-03-12T03:39:35Z
Lists: pgsql-hackers

Bruce Momjian wrote:
> + 	/* If it was 'invalid authorization', add .pgpass mention */
> + 	if (conn->dot_pgpass_used && conn->password_needed && conn->result &&
> + 		/* only works with >= 9.0 servers */
> + 		strcmp(PQresultErrorField(conn->result, PG_DIAG_SQLSTATE),
> + 			ERRCODE_INVALID_PASSWORD_SPECIFICATION) == 0)
> + 		appendPQExpBufferStr(&conn->errorMessage,
> + 			libpq_gettext("password retrieved from .pgpass\n"));
>   

Surely we should use the name of the actual file from which the password 
was retrieved here, which could be quite different from ".pgpass" (see 
PGPASSFILE environment setting) and is different by default on Windows 
anyway. Using a hardcoded ".pgpass" in those situations could be quite 
confusing.

cheers

andrew