diff options
| author | Pavan Deolasee | 2017-06-14 05:42:18 +0000 |
|---|---|---|
| committer | Pavan Deolasee | 2017-06-14 05:42:18 +0000 |
| commit | 15dd5274c323fb93e4e3ea9ad2185aaaec10f79c (patch) | |
| tree | 9dafb4c7f735d9429ea461dc792933af87493c33 /src/interfaces/libpq | |
| parent | dfbb88e3bbb526dcb204b456b9e5cfd9d10d0d0a (diff) | |
| parent | d5cb3bab564e0927ffac7c8729eacf181a12dd40 (diff) | |
Merge from PG master upto d5cb3bab564e0927ffac7c8729eacf181a12dd40
This is the result of the "git merge remotes/PGSQL/master" upto the said commit
point. We have done some basic analysis, fixed compilation problems etc, but
bulk of the logical problems in conflict resolution etc will be handled by
subsequent commits.
Diffstat (limited to 'src/interfaces/libpq')
38 files changed, 3686 insertions, 2548 deletions
diff --git a/src/interfaces/libpq/.gitignore b/src/interfaces/libpq/.gitignore index cb96af7176..6c02dc7055 100644 --- a/src/interfaces/libpq/.gitignore +++ b/src/interfaces/libpq/.gitignore @@ -1,24 +1,33 @@ /exports.list +/libpq.rc +# .c files that are symlinked in from elsewhere /chklocale.c /crypt.c +/erand48.c /getaddrinfo.c /getpeereid.c /inet_aton.c /inet_net_ntop.c /noblock.c /open.c +/system.c +/pgsleep.c +/pg_strong_random.c /pgstrcasecmp.c /pqsignal.c /snprintf.c /strerror.c /strlcpy.c -/system.c /thread.c /win32error.c /win32setlocale.c -/pgsleep.c -/md5.c /ip.c +/md5.c +/base64.c +/scram-common.c +/sha2.c +/sha2_openssl.c +/saslprep.c +/unicode_norm.c /encnames.c /wchar.c -/libpq.rc diff --git a/src/interfaces/libpq/Makefile b/src/interfaces/libpq/Makefile index 1b292d2cf2..87f22d242f 100644 --- a/src/interfaces/libpq/Makefile +++ b/src/interfaces/libpq/Makefile @@ -2,7 +2,7 @@ # # Makefile for src/interfaces/libpq library # -# Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group +# Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group # Portions Copyright (c) 1994, Regents of the University of California # # src/interfaces/libpq/Makefile @@ -17,7 +17,7 @@ include $(top_builddir)/src/Makefile.global # shared library parameters NAME= pq SO_MAJOR_VERSION= 5 -SO_MINOR_VERSION= 9 +SO_MINOR_VERSION= $(MAJORVERSION) override CPPFLAGS := -DFRONTEND -DUNSAFE_STAT_OK -I$(srcdir) $(CPPFLAGS) -I$(top_builddir)/src/port -I$(top_srcdir)/src/port ifneq ($(PORTNAME), win32) @@ -31,7 +31,7 @@ LIBS := $(LIBS:-lpgport=) # We can't use Makefile variables here because the MSVC build system scrapes # OBJS from this file. -OBJS= fe-auth.o fe-connect.o fe-exec.o fe-misc.o fe-print.o fe-lobj.o \ +OBJS= fe-auth.o fe-auth-scram.o fe-connect.o fe-exec.o fe-misc.o fe-print.o fe-lobj.o \ fe-protocol2.o fe-protocol3.o pqexpbuffer.o fe-secure.o \ libpq-events.o # libpgport C files we always use @@ -39,13 +39,22 @@ OBJS += chklocale.o inet_net_ntop.o noblock.o pgstrcasecmp.o pqsignal.o \ thread.o # libpgport C files that are needed if identified by configure OBJS += $(filter crypt.o getaddrinfo.o getpeereid.o inet_aton.o open.o system.o snprintf.o strerror.o strlcpy.o win32error.o win32setlocale.o, $(LIBOBJS)) -# backend/libpq -OBJS += ip.o md5.o -# utils/mb + +ifeq ($(enable_strong_random), yes) +OBJS += pg_strong_random.o +else +OBJS += erand48.o +endif + +# src/backend/utils/mb OBJS += encnames.o wchar.o +# src/common +OBJS += base64.o ip.o md5.o scram-common.o saslprep.o unicode_norm.o ifeq ($(with_openssl),yes) -OBJS += fe-secure-openssl.o +OBJS += fe-secure-openssl.o sha2_openssl.o +else +OBJS += sha2.o endif ifeq ($(PORTNAME), cygwin) @@ -92,11 +101,12 @@ backend_src = $(top_srcdir)/src/backend # Instead, symlink the source files in here and build our own object files. # For some libpgport modules, this only happens if configure decides # the module is needed (see filter hack in OBJS, above). +# When you add a file here, remember to add it in the "clean" target below. -chklocale.c crypt.c getaddrinfo.c getpeereid.c inet_aton.c inet_net_ntop.c noblock.c open.c system.c pgsleep.c pgstrcasecmp.c pqsignal.c snprintf.c strerror.c strlcpy.c thread.c win32error.c win32setlocale.c: % : $(top_srcdir)/src/port/% +chklocale.c crypt.c erand48.c getaddrinfo.c getpeereid.c inet_aton.c inet_net_ntop.c noblock.c open.c system.c pgsleep.c pg_strong_random.c pgstrcasecmp.c pqsignal.c snprintf.c strerror.c strlcpy.c thread.c win32error.c win32setlocale.c: % : $(top_srcdir)/src/port/% rm -f $@ && $(LN_S) $< . -ip.c md5.c: % : $(backend_src)/libpq/% +ip.c md5.c base64.c scram-common.c sha2.c sha2_openssl.c saslprep.c unicode_norm.c: % : $(top_srcdir)/src/common/% rm -f $@ && $(LN_S) $< . encnames.c wchar.c: % : $(backend_src)/utils/mb/% @@ -144,10 +154,9 @@ clean distclean: clean-lib rm -f $(OBJS) pthread.h libpq.rc # Might be left over from a Win32 client-only build rm -f pg_config_paths.h - rm -f inet_net_ntop.c noblock.c pgstrcasecmp.c pqsignal.c thread.c - rm -f chklocale.c crypt.c getaddrinfo.c getpeereid.c inet_aton.c open.c system.c snprintf.c strerror.c strlcpy.c win32error.c win32setlocale.c - rm -f pgsleep.c - rm -f md5.c ip.c +# Remove files we (may have) symlinked in from src/port and other places + rm -f chklocale.c crypt.c erand48.c getaddrinfo.c getpeereid.c inet_aton.c inet_net_ntop.c noblock.c open.c system.c pgsleep.c pg_strong_random.c pgstrcasecmp.c pqsignal.c snprintf.c strerror.c strlcpy.c thread.c win32error.c win32setlocale.c + rm -f ip.c md5.c base64.c scram-common.c sha2.c sha2_openssl.c saslprep.c unicode_norm.c rm -f encnames.c wchar.c maintainer-clean: distclean maintainer-clean-lib diff --git a/src/interfaces/libpq/bcc32.mak b/src/interfaces/libpq/bcc32.mak deleted file mode 100644 index 78102fafd4..0000000000 --- a/src/interfaces/libpq/bcc32.mak +++ /dev/null @@ -1,312 +0,0 @@ -# Makefile for Borland C++ 5.5 - -# Will build a Win32 static library libpq.lib -# and a Win32 dynamic library libpq.dll with import library libpqdll.lib - -# Borland C++ base install directory goes here -# BCB=c:\Borland\Bcc55 - -!IF "$(BCB)" == "" -!MESSAGE You must edit bcc32.mak and define BCB at the top -!ERROR misssing BCB -!ENDIF - -!IF "$(__NMAKE__)" == "" -!MESSAGE You must use the -N compatibility flag, e.g. make -N -f bcc32.make -!ERROR missing -N -!ENDIF - -!MESSAGE Building the Win32 DLL and Static Library... -!MESSAGE -!IF "$(CFG)" == "" -CFG=Release -!MESSAGE No configuration specified. Defaulting to Release. -!MESSAGE -!ELSE -!MESSAGE Configuration "$(CFG)" -!MESSAGE -!ENDIF - -!IF "$(CFG)" != "Release" && "$(CFG)" != "Debug" -!MESSAGE Invalid configuration "$(CFG)" specified. -!MESSAGE You can specify a configuration when running MAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE make -N -DCFG=[Release | Debug] -f bcc32.mak -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "Release" (Win32 Release DLL and Static Library) -!MESSAGE "Debug" (Win32 Debug DLL and Static Library) -!MESSAGE -!ERROR An invalid configuration was specified. -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -!IF "$(CFG)" == "Debug" -DEBUG=1 -OUTDIR=.\Debug -INTDIR=.\Debug -!ELSE -OUTDIR=.\Release -INTDIR=.\Release -!ENDIF - -OUTFILENAME=blibpq - -USERDEFINES=FRONTEND;NDEBUG;WIN32;_WINDOWS - -CPP=bcc32.exe -CPP_PROJ = -I..\..\include\port\win32_msvc;$(BCB)\include;..\..\include;..\..\include\port\win32;..\..\port -n"$(INTDIR)" -WD -c -D$(USERDEFINES) -tWM \ - -a8 -X -w-use -w-par -w-pia -w-csu -w-aus -w-ccc - -!IFDEF DEBUG -CPP_PROJ = $(CPP_PROJ) -Od -r- -k -v -y -vi- -D_DEBUG -!else -CPP_PROJ = $(CPP_PROJ) -O -Oi -OS -DNDEBUG -!endif - -ALL : config "$(OUTDIR)" "$(OUTDIR)\blibpq.dll" "$(OUTDIR)\blibpq.lib" - -CLEAN : - -@erase "$(INTDIR)\getaddrinfo.obj" - -@erase "$(INTDIR)\pgstrcasecmp.obj" - -@erase "$(INTDIR)\pqsignal.obj" - -@erase "$(INTDIR)\thread.obj" - -@erase "$(INTDIR)\inet_aton.obj" - -@erase "$(INTDIR)\crypt.obj" - -@erase "$(INTDIR)\noblock.obj" - -@erase "$(INTDIR)\chklocale.obj" - -@erase "$(INTDIR)\inet_net_ntop.obj" - -@erase "$(INTDIR)\md5.obj" - -@erase "$(INTDIR)\ip.obj" - -@erase "$(INTDIR)\fe-auth.obj" - -@erase "$(INTDIR)\fe-protocol2.obj" - -@erase "$(INTDIR)\fe-protocol3.obj" - -@erase "$(INTDIR)\fe-connect.obj" - -@erase "$(INTDIR)\fe-exec.obj" - -@erase "$(INTDIR)\fe-lobj.obj" - -@erase "$(INTDIR)\fe-misc.obj" - -@erase "$(INTDIR)\fe-print.obj" - -@erase "$(INTDIR)\fe-secure.obj" - -@erase "$(INTDIR)\libpq-events.obj" - -@erase "$(INTDIR)\pqexpbuffer.obj" - -@erase "$(INTDIR)\win32.obj" - -@erase "$(INTDIR)\wchar.obj" - -@erase "$(INTDIR)\encnames.obj" - -@erase "$(INTDIR)\pthread-win32.obj" - -@erase "$(INTDIR)\snprintf.obj" - -@erase "$(INTDIR)\strlcpy.obj" - -@erase "$(INTDIR)\dirent.obj" - -@erase "$(INTDIR)\dirmod.obj" - -@erase "$(INTDIR)\pgsleep.obj" - -@erase "$(INTDIR)\open.obj" - -@erase "$(INTDIR)\system.obj" - -@erase "$(INTDIR)\win32error.obj" - -@erase "$(OUTDIR)\$(OUTFILENAME).lib" - -@erase "$(OUTDIR)\$(OUTFILENAME)dll.lib" - -@erase "$(OUTDIR)\libpq.res" - -@erase "$(OUTDIR)\$(OUTFILENAME).dll" - -@erase "$(OUTDIR)\$(OUTFILENAME).tds" - -@erase "$(INTDIR)\pg_config_paths.h" - - -LIB32=tlib.exe -LIB32_FLAGS= -LIB32_OBJS= \ - "$(INTDIR)\win32.obj" \ - "$(INTDIR)\getaddrinfo.obj" \ - "$(INTDIR)\pgstrcasecmp.obj" \ - "$(INTDIR)\pqsignal.obj" \ - "$(INTDIR)\thread.obj" \ - "$(INTDIR)\inet_aton.obj" \ - "$(INTDIR)\crypt.obj" \ - "$(INTDIR)\noblock.obj" \ - "$(INTDIR)\chklocale.obj" \ - "$(INTDIR)\inet_net_ntop.obj" \ - "$(INTDIR)\md5.obj" \ - "$(INTDIR)\ip.obj" \ - "$(INTDIR)\fe-auth.obj" \ - "$(INTDIR)\fe-protocol2.obj" \ - "$(INTDIR)\fe-protocol3.obj" \ - "$(INTDIR)\fe-connect.obj" \ - "$(INTDIR)\fe-exec.obj" \ - "$(INTDIR)\fe-lobj.obj" \ - "$(INTDIR)\fe-misc.obj" \ - "$(INTDIR)\fe-print.obj" \ - "$(INTDIR)\fe-secure.obj" \ - "$(INTDIR)\libpq-events.obj" \ - "$(INTDIR)\pqexpbuffer.obj" \ - "$(INTDIR)\wchar.obj" \ - "$(INTDIR)\encnames.obj" \ - "$(INTDIR)\snprintf.obj" \ - "$(INTDIR)\strlcpy.obj" \ - "$(INTDIR)\dirent.obj" \ - "$(INTDIR)\dirmod.obj" \ - "$(INTDIR)\pgsleep.obj" \ - "$(INTDIR)\open.obj" \ - "$(INTDIR)\system.obj" \ - "$(INTDIR)\win32error.obj" \ - "$(INTDIR)\pthread-win32.obj" - - -config: ..\..\include\pg_config.h ..\..\include\pg_config_ext.h ..\..\include\pg_config_os.h pg_config_paths.h - -..\..\include\pg_config.h: ..\..\include\pg_config.h.win32 - copy ..\..\include\pg_config.h.win32 ..\..\include\pg_config.h - -..\..\include\pg_config_ext.h: ..\..\include\pg_config_ext.h.win32 - copy ..\..\include\pg_config_ext.h.win32 ..\..\include\pg_config_ext.h - -..\..\include\pg_config_os.h: ..\..\include\port\win32.h - copy ..\..\include\port\win32.h ..\..\include\pg_config_os.h - -# Have to use \# so # isn't treated as a comment, but MSVC doesn't like this -pg_config_paths.h: bcc32.mak - echo \#define SYSCONFDIR "" > pg_config_paths.h - -"$(OUTDIR)" : - @if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -RSC=brcc32.exe -RSC_PROJ=-l 0x409 -i$(BCB)\include -fo"$(INTDIR)\libpq.res" - -LINK32=ilink32.exe -LINK32_FLAGS = -Gn -L$(BCB)\lib;$(INTDIR); -x -Tpd -v - -# @<< is a Response file, http://www.opussoftware.com/tutorial/TutMakefile.htm - -"$(OUTDIR)\blibpq.dll": "$(OUTDIR)\blibpq.lib" "$(INTDIR)\libpq.res" blibpqdll.def - $(LINK32) @<< - $(LINK32_FLAGS) + - c0d32.obj , + - $@,, + - "$(OUTDIR)\blibpq.lib" import32.lib cw32mt.lib, + - blibpqdll.def,"$(INTDIR)\libpq.res" -<< - implib -w "$(OUTDIR)\blibpqdll.lib" blibpqdll.def $@ - -"$(INTDIR)\libpq.res" : "$(INTDIR)" libpq-dist.rc - $(RSC) $(RSC_PROJ) libpq-dist.rc - -"$(OUTDIR)\blibpq.lib": $(LIB32_OBJS) - $(LIB32) $@ @<< -+-"$(**: =" &^ -+-")" -<< - - -"$(INTDIR)\getaddrinfo.obj" : ..\..\port\getaddrinfo.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\getaddrinfo.c -<< - -"$(INTDIR)\pgstrcasecmp.obj" : ..\..\port\pgstrcasecmp.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\pgstrcasecmp.c -<< - -"$(INTDIR)\pqsignal.obj" : ..\..\port\pqsignal.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\pqsignal.c -<< - -"$(INTDIR)\thread.obj" : ..\..\port\thread.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\thread.c -<< - -"$(INTDIR)\inet_aton.obj" : ..\..\port\inet_aton.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\inet_aton.c -<< - -"$(INTDIR)\crypt.obj" : ..\..\port\crypt.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\crypt.c -<< - -"$(INTDIR)\noblock.obj" : ..\..\port\noblock.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\noblock.c -<< - -"$(INTDIR)\chklocale.obj" : ..\..\port\chklocale.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\chklocale.c -<< - -"$(INTDIR)\inet_net_ntop.obj" : ..\..\port\inet_net_ntop.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\inet_net_ntop.c -<< - -"$(INTDIR)\md5.obj" : ..\..\backend\libpq\md5.c - $(CPP) @<< - $(CPP_PROJ) ..\..\backend\libpq\md5.c -<< - -"$(INTDIR)\ip.obj" : ..\..\backend\libpq\ip.c - $(CPP) @<< - $(CPP_PROJ) ..\..\backend\libpq\ip.c -<< - -"$(INTDIR)\wchar.obj" : ..\..\backend\utils\mb\wchar.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\backend\utils\mb\wchar.c -<< - - -"$(INTDIR)\encnames.obj" : ..\..\backend\utils\mb\encnames.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\backend\utils\mb\encnames.c -<< - -"$(INTDIR)\snprintf.obj" : ..\..\port\snprintf.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\snprintf.c -<< - -"$(INTDIR)\strlcpy.obj" : ..\..\port\strlcpy.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\strlcpy.c -<< - -"$(INTDIR)\dirent.obj" : ..\..\port\dirent.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\dirent.c -<< - -"$(INTDIR)\dirmod.obj" : ..\..\port\dirmod.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\dirmod.c -<< - -"$(INTDIR)\pgsleep.obj" : ..\..\port\pgsleep.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\pgsleep.c -<< - -"$(INTDIR)\open.obj" : ..\..\port\open.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\open.c -<< - -"$(INTDIR)\system.obj" : ..\..\port\system.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\system.c -<< - -"$(INTDIR)\win32error.obj" : ..\..\port\win32error.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\win32error.c -<< - - -.c.obj: - $(CPP) $(CPP_PROJ) $< diff --git a/src/interfaces/libpq/exports.txt b/src/interfaces/libpq/exports.txt index 21dd772ca9..d6a38d0df8 100644 --- a/src/interfaces/libpq/exports.txt +++ b/src/interfaces/libpq/exports.txt @@ -171,3 +171,4 @@ PQsslAttributeNames 168 PQsslAttribute 169 PQsetErrorContextVisibility 170 PQresultVerboseErrorMessage 171 +PQencryptPasswordConn 172 diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c new file mode 100644 index 0000000000..d2e355a8b8 --- /dev/null +++ b/src/interfaces/libpq/fe-auth-scram.c @@ -0,0 +1,707 @@ +/*------------------------------------------------------------------------- + * + * fe-auth-scram.c + * The front-end (client) implementation of SCRAM authentication. + * + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group + * Portions Copyright (c) 1994, Regents of the University of California + * + * IDENTIFICATION + * src/interfaces/libpq/fe-auth-scram.c + * + *------------------------------------------------------------------------- + */ + +#include "postgres_fe.h" + +#include "common/base64.h" +#include "common/saslprep.h" +#include "common/scram-common.h" +#include "fe-auth.h" + +/* These are needed for getpid(), in the fallback implementation */ +#ifndef HAVE_STRONG_RANDOM +#include <sys/types.h> +#include <unistd.h> +#endif + +/* + * Status of exchange messages used for SCRAM authentication via the + * SASL protocol. + */ +typedef enum +{ + FE_SCRAM_INIT, + FE_SCRAM_NONCE_SENT, + FE_SCRAM_PROOF_SENT, + FE_SCRAM_FINISHED +} fe_scram_state_enum; + +typedef struct +{ + fe_scram_state_enum state; + + /* These are supplied by the user */ + const char *username; + char *password; + + /* We construct these */ + uint8 SaltedPassword[SCRAM_KEY_LEN]; + char *client_nonce; + char *client_first_message_bare; + char *client_final_message_without_proof; + + /* These come from the server-first message */ + char *server_first_message; + char *salt; + int saltlen; + int iterations; + char *nonce; + + /* These come from the server-final message */ + char *server_final_message; + char ServerSignature[SCRAM_KEY_LEN]; +} fe_scram_state; + +static bool read_server_first_message(fe_scram_state *state, char *input, + PQExpBuffer errormessage); +static bool read_server_final_message(fe_scram_state *state, char *input, + PQExpBuffer errormessage); +static char *build_client_first_message(fe_scram_state *state, + PQExpBuffer errormessage); +static char *build_client_final_message(fe_scram_state *state, + PQExpBuffer errormessage); +static bool verify_server_signature(fe_scram_state *state); +static void calculate_client_proof(fe_scram_state *state, + const char *client_final_message_without_proof, + uint8 *result); +static bool pg_frontend_random(char *dst, int len); + +/* + * Initialize SCRAM exchange status. + */ +void * +pg_fe_scram_init(const char *username, const char *password) +{ + fe_scram_state *state; + char *prep_password; + pg_saslprep_rc rc; + + state = (fe_scram_state *) malloc(sizeof(fe_scram_state)); + if (!state) + return NULL; + memset(state, 0, sizeof(fe_scram_state)); + state->state = FE_SCRAM_INIT; + state->username = username; + + /* Normalize the password with SASLprep, if possible */ + rc = pg_saslprep(password, &prep_password); + if (rc == SASLPREP_OOM) + { + free(state); + return NULL; + } + if (rc != SASLPREP_SUCCESS) + { + prep_password = strdup(password); + if (!prep_password) + { + free(state); + return NULL; + } + } + state->password = prep_password; + + return state; +} + +/* + * Free SCRAM exchange status + */ +void +pg_fe_scram_free(void *opaq) +{ + fe_scram_state *state = (fe_scram_state *) opaq; + + if (state->password) + free(state->password); + + /* client messages */ + if (state->client_nonce) + free(state->client_nonce); + if (state->client_first_message_bare) + free(state->client_first_message_bare); + if (state->client_final_message_without_proof) + free(state->client_final_message_without_proof); + + /* first message from server */ + if (state->server_first_message) + free(state->server_first_message); + if (state->salt) + free(state->salt); + if (state->nonce) + free(state->nonce); + + /* final message from server */ + if (state->server_final_message) + free(state->server_final_message); + + free(state); +} + +/* + * Exchange a SCRAM message with backend. + */ +void +pg_fe_scram_exchange(void *opaq, char *input, int inputlen, + char **output, int *outputlen, + bool *done, bool *success, PQExpBuffer errorMessage) +{ + fe_scram_state *state = (fe_scram_state *) opaq; + + *done = false; + *success = false; + *output = NULL; + *outputlen = 0; + + /* + * Check that the input length agrees with the string length of the input. + * We can ignore inputlen after this. + */ + if (state->state != FE_SCRAM_INIT) + { + if (inputlen == 0) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("malformed SCRAM message (empty message)\n")); + goto error; + } + if (inputlen != strlen(input)) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("malformed SCRAM message (length mismatch)\n")); + goto error; + } + } + + switch (state->state) + { + case FE_SCRAM_INIT: + /* Begin the SCRAM handshake, by sending client nonce */ + *output = build_client_first_message(state, errorMessage); + if (*output == NULL) + goto error; + + *outputlen = strlen(*output); + *done = false; + state->state = FE_SCRAM_NONCE_SENT; + break; + + case FE_SCRAM_NONCE_SENT: + /* Receive salt and server nonce, send response. */ + if (!read_server_first_message(state, input, errorMessage)) + goto error; + + *output = build_client_final_message(state, errorMessage); + if (*output == NULL) + goto error; + + *outputlen = strlen(*output); + *done = false; + state->state = FE_SCRAM_PROOF_SENT; + break; + + case FE_SCRAM_PROOF_SENT: + /* Receive server signature */ + if (!read_server_final_message(state, input, errorMessage)) + goto error; + + /* + * Verify server signature, to make sure we're talking to the + * genuine server. XXX: A fake server could simply not require + * authentication, though. There is currently no option in libpq + * to reject a connection, if SCRAM authentication did not happen. + */ + if (verify_server_signature(state)) + *success = true; + else + { + *success = false; + printfPQExpBuffer(errorMessage, + libpq_gettext("invalid server signature\n")); + } + *done = true; + state->state = FE_SCRAM_FINISHED; + break; + + default: + /* shouldn't happen */ + printfPQExpBuffer(errorMessage, + libpq_gettext("invalid SCRAM exchange state\n")); + goto error; + } + return; + +error: + *done = true; + *success = false; + return; +} + +/* + * Read value for an attribute part of a SASL message. + */ +static char * +read_attr_value(char **input, char attr, PQExpBuffer errorMessage) +{ + char *begin = *input; + char *end; + + if (*begin != attr) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("malformed SCRAM message (%c expected)\n"), + attr); + return NULL; + } + begin++; + + if (*begin != '=') + { + printfPQExpBuffer(errorMessage, + libpq_gettext("malformed SCRAM message (expected = in attr '%c')\n"), + attr); + return NULL; + } + begin++; + + end = begin; + while (*end && *end != ',') + end++; + + if (*end) + { + *end = '\0'; + *input = end + 1; + } + else + *input = end; + + return begin; +} + +/* + * Build the first exchange message sent by the client. + */ +static char * +build_client_first_message(fe_scram_state *state, PQExpBuffer errormessage) +{ + char raw_nonce[SCRAM_RAW_NONCE_LEN + 1]; + char *buf; + char buflen; + int encoded_len; + + /* + * Generate a "raw" nonce. This is converted to ASCII-printable form by + * base64-encoding it. + */ + if (!pg_frontend_random(raw_nonce, SCRAM_RAW_NONCE_LEN)) + { + printfPQExpBuffer(errormessage, + libpq_gettext("failed to generate nonce\n")); + return NULL; + } + + state->client_nonce = malloc(pg_b64_enc_len(SCRAM_RAW_NONCE_LEN) + 1); + if (state->client_nonce == NULL) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return NULL; + } + encoded_len = pg_b64_encode(raw_nonce, SCRAM_RAW_NONCE_LEN, state->client_nonce); + state->client_nonce[encoded_len] = '\0'; + + /* + * Generate message. The username is left empty as the backend uses the + * value provided by the startup packet. Also, as this username is not + * prepared with SASLprep, the message parsing would fail if it includes + * '=' or ',' characters. + */ + buflen = 8 + strlen(state->client_nonce) + 1; + buf = malloc(buflen); + if (buf == NULL) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return NULL; + } + snprintf(buf, buflen, "n,,n=,r=%s", state->client_nonce); + + state->client_first_message_bare = strdup(buf + 3); + if (!state->client_first_message_bare) + { + free(buf); + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return NULL; + } + + return buf; +} + +/* + * Build the final exchange message sent from the client. + */ +static char * +build_client_final_message(fe_scram_state *state, PQExpBuffer errormessage) +{ + PQExpBufferData buf; + uint8 client_proof[SCRAM_KEY_LEN]; + char *result; + + initPQExpBuffer(&buf); + + /* + * Construct client-final-message-without-proof. We need to remember it + * for verifying the server proof in the final step of authentication. + */ + appendPQExpBuffer(&buf, "c=biws,r=%s", state->nonce); + if (PQExpBufferDataBroken(buf)) + goto oom_error; + + state->client_final_message_without_proof = strdup(buf.data); + if (state->client_final_message_without_proof == NULL) + goto oom_error; + + /* Append proof to it, to form client-final-message. */ + calculate_client_proof(state, + state->client_final_message_without_proof, + client_proof); + + appendPQExpBuffer(&buf, ",p="); + if (!enlargePQExpBuffer(&buf, pg_b64_enc_len(SCRAM_KEY_LEN))) + goto oom_error; + buf.len += pg_b64_encode((char *) client_proof, + SCRAM_KEY_LEN, + buf.data + buf.len); + buf.data[buf.len] = '\0'; + + result = strdup(buf.data); + if (result == NULL) + goto oom_error; + + termPQExpBuffer(&buf); + return result; + +oom_error: + termPQExpBuffer(&buf); + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return NULL; +} + +/* + * Read the first exchange message coming from the server. + */ +static bool +read_server_first_message(fe_scram_state *state, char *input, + PQExpBuffer errormessage) +{ + char *iterations_str; + char *endptr; + char *encoded_salt; + char *nonce; + + state->server_first_message = strdup(input); + if (state->server_first_message == NULL) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return false; + } + + /* parse the message */ + nonce = read_attr_value(&input, 'r', errormessage); + if (nonce == NULL) + { + /* read_attr_value() has generated an error string */ + return false; + } + + /* Verify immediately that the server used our part of the nonce */ + if (strlen(nonce) < strlen(state->client_nonce) || + memcmp(nonce, state->client_nonce, strlen(state->client_nonce)) != 0) + { + printfPQExpBuffer(errormessage, + libpq_gettext("invalid SCRAM response (nonce mismatch)\n")); + return false; + } + + state->nonce = strdup(nonce); + if (state->nonce == NULL) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return false; + } + + encoded_salt = read_attr_value(&input, 's', errormessage); + if (encoded_salt == NULL) + { + /* read_attr_value() has generated an error string */ + return false; + } + state->salt = malloc(pg_b64_dec_len(strlen(encoded_salt))); + if (state->salt == NULL) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return false; + } + state->saltlen = pg_b64_decode(encoded_salt, + strlen(encoded_salt), + state->salt); + + iterations_str = read_attr_value(&input, 'i', errormessage); + if (iterations_str == NULL) + { + /* read_attr_value() has generated an error string */ + return false; + } + state->iterations = strtol(iterations_str, &endptr, 10); + if (*endptr != '\0' || state->iterations < 1) + { + printfPQExpBuffer(errormessage, + libpq_gettext("malformed SCRAM message (invalid iteration count)\n")); + return false; + } + + if (*input != '\0') + printfPQExpBuffer(errormessage, + libpq_gettext("malformed SCRAM message (garbage at end of server-first-message)\n")); + + return true; +} + +/* + * Read the final exchange message coming from the server. + */ +static bool +read_server_final_message(fe_scram_state *state, char *input, + PQExpBuffer errormessage) +{ + char *encoded_server_signature; + int server_signature_len; + + state->server_final_message = strdup(input); + if (!state->server_final_message) + { + printfPQExpBuffer(errormessage, + libpq_gettext("out of memory\n")); + return false; + } + + /* Check for error result. */ + if (*input == 'e') + { + char *errmsg = read_attr_value(&input, 'e', errormessage); + + printfPQExpBuffer(errormessage, + libpq_gettext("error received from server in SASL exchange: %s\n"), + errmsg); + return false; + } + + /* Parse the message. */ + encoded_server_signature = read_attr_value(&input, 'v', errormessage); + if (encoded_server_signature == NULL) + { + /* read_attr_value() has generated an error message */ + return false; + } + + if (*input != '\0') + printfPQExpBuffer(errormessage, + libpq_gettext("malformed SCRAM message (garbage at end of server-final-message)\n")); + + server_signature_len = pg_b64_decode(encoded_server_signature, + strlen(encoded_server_signature), + state->ServerSignature); + if (server_signature_len != SCRAM_KEY_LEN) + { + printfPQExpBuffer(errormessage, + libpq_gettext("malformed SCRAM message (invalid server signature)\n")); + return false; + } + + return true; +} + +/* + * Calculate the client proof, part of the final exchange message sent + * by the client. + */ +static void +calculate_client_proof(fe_scram_state *state, + const char *client_final_message_without_proof, + uint8 *result) +{ + uint8 StoredKey[SCRAM_KEY_LEN]; + uint8 ClientKey[SCRAM_KEY_LEN]; + uint8 ClientSignature[SCRAM_KEY_LEN]; + int i; + scram_HMAC_ctx ctx; + + /* + * Calculate SaltedPassword, and store it in 'state' so that we can reuse + * it later in verify_server_signature. + */ + scram_SaltedPassword(state->password, state->salt, state->saltlen, + state->iterations, state->SaltedPassword); + + scram_ClientKey(state->SaltedPassword, ClientKey); + scram_H(ClientKey, SCRAM_KEY_LEN, StoredKey); + + scram_HMAC_init(&ctx, StoredKey, SCRAM_KEY_LEN); + scram_HMAC_update(&ctx, + state->client_first_message_bare, + strlen(state->client_first_message_bare)); + scram_HMAC_update(&ctx, ",", 1); + scram_HMAC_update(&ctx, + state->server_first_message, + strlen(state->server_first_message)); + scram_HMAC_update(&ctx, ",", 1); + scram_HMAC_update(&ctx, + client_final_message_without_proof, + strlen(client_final_message_without_proof)); + scram_HMAC_final(ClientSignature, &ctx); + + for (i = 0; i < SCRAM_KEY_LEN; i++) + result[i] = ClientKey[i] ^ ClientSignature[i]; +} + +/* + * Validate the server signature, received as part of the final exchange + * message received from the server. + */ +static bool +verify_server_signature(fe_scram_state *state) +{ + uint8 expected_ServerSignature[SCRAM_KEY_LEN]; + uint8 ServerKey[SCRAM_KEY_LEN]; + scram_HMAC_ctx ctx; + + scram_ServerKey(state->SaltedPassword, ServerKey); + + /* calculate ServerSignature */ + scram_HMAC_init(&ctx, ServerKey, SCRAM_KEY_LEN); + scram_HMAC_update(&ctx, + state->client_first_message_bare, + strlen(state->client_first_message_bare)); + scram_HMAC_update(&ctx, ",", 1); + scram_HMAC_update(&ctx, + state->server_first_message, + strlen(state->server_first_message)); + scram_HMAC_update(&ctx, ",", 1); + scram_HMAC_update(&ctx, + state->client_final_message_without_proof, + strlen(state->client_final_message_without_proof)); + scram_HMAC_final(expected_ServerSignature, &ctx); + + if (memcmp(expected_ServerSignature, state->ServerSignature, SCRAM_KEY_LEN) != 0) + return false; + + return true; +} + +/* + * Build a new SCRAM verifier. + */ +char * +pg_fe_scram_build_verifier(const char *password) +{ + char *prep_password = NULL; + pg_saslprep_rc rc; + char saltbuf[SCRAM_DEFAULT_SALT_LEN]; + char *result; + + /* + * Normalize the password with SASLprep. If that doesn't work, because + * the password isn't valid UTF-8 or contains prohibited characters, just + * proceed with the original password. (See comments at top of file.) + */ + rc = pg_saslprep(password, &prep_password); + if (rc == SASLPREP_OOM) + return NULL; + if (rc == SASLPREP_SUCCESS) + password = (const char *) prep_password; + + /* Generate a random salt */ + if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN)) + { + if (prep_password) + free(prep_password); + return NULL; + } + + result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN, + SCRAM_DEFAULT_ITERATIONS, password); + + if (prep_password) + free(prep_password); + + return result; +} + +/* + * Random number generator. + */ +static bool +pg_frontend_random(char *dst, int len) +{ +#ifdef HAVE_STRONG_RANDOM + return pg_strong_random(dst, len); +#else + int i; + char *end = dst + len; + + static unsigned short seed[3]; + static int mypid = 0; + + pglock_thread(); + + if (mypid != getpid()) + { + struct timeval now; + + gettimeofday(&now, NULL); + + seed[0] = now.tv_sec ^ getpid(); + seed[1] = (unsigned short) (now.tv_usec); + seed[2] = (unsigned short) (now.tv_usec >> 16); + } + + for (i = 0; dst < end; i++) + { + uint32 r; + int j; + + /* + * pg_jrand48 returns a 32-bit integer. Fill the next 4 bytes from + * it. + */ + r = (uint32) pg_jrand48(seed); + + for (j = 0; j < 4 && dst < end; j++) + { + *(dst++) = (char) (r & 0xFF); + r >>= 8; + } + } + + pgunlock_thread(); + + return true; +#endif +} diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 66c8237ffe..16956dc3f7 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -3,7 +3,7 @@ * fe-auth.c * The front-end (client) authorization routines * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION @@ -41,9 +41,10 @@ #include <pwd.h> #endif +#include "common/md5.h" #include "libpq-fe.h" +#include "libpq/scram.h" #include "fe-auth.h" -#include "libpq/md5.h" #ifdef ENABLE_GSS @@ -51,7 +52,7 @@ * GSSAPI authentication system. */ -#if defined(WIN32) && !defined(WIN32_ONLY_COMPILER) +#if defined(WIN32) && !defined(_MSC_VER) /* * MIT Kerberos GSSAPI DLL doesn't properly export the symbols for MingW * that contain the OIDs required. Redefine here, values copied @@ -102,11 +103,39 @@ pg_GSS_error(const char *mprefix, PGconn *conn, * Continue GSS authentication with next token as needed. */ static int -pg_GSS_continue(PGconn *conn) +pg_GSS_continue(PGconn *conn, int payloadlen) { OM_uint32 maj_stat, min_stat, lmin_s; + gss_buffer_desc ginbuf; + gss_buffer_desc goutbuf; + + /* + * On first call, there's no input token. On subsequent calls, read the + * input token into a GSS buffer. + */ + if (conn->gctx != GSS_C_NO_CONTEXT) + { + ginbuf.length = payloadlen; + ginbuf.value = malloc(payloadlen); + if (!ginbuf.value) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory allocating GSSAPI buffer (%d)\n"), + payloadlen); + return STATUS_ERROR; + } + if (pqGetnchar(ginbuf.value, payloadlen, conn)) + { + /* + * Shouldn't happen, because the caller should've ensured that the + * whole message is already in the input buffer. + */ + free(ginbuf.value); + return STATUS_ERROR; + } + } maj_stat = gss_init_sec_context(&min_stat, GSS_C_NO_CREDENTIAL, @@ -116,20 +145,16 @@ pg_GSS_continue(PGconn *conn) GSS_C_MUTUAL_FLAG, 0, GSS_C_NO_CHANNEL_BINDINGS, - (conn->gctx == GSS_C_NO_CONTEXT) ? GSS_C_NO_BUFFER : &conn->ginbuf, + (conn->gctx == GSS_C_NO_CONTEXT) ? GSS_C_NO_BUFFER : &ginbuf, NULL, - &conn->goutbuf, + &goutbuf, NULL, NULL); if (conn->gctx != GSS_C_NO_CONTEXT) - { - free(conn->ginbuf.value); - conn->ginbuf.value = NULL; - conn->ginbuf.length = 0; - } + free(ginbuf.value); - if (conn->goutbuf.length != 0) + if (goutbuf.length != 0) { /* * GSS generated data to send to the server. We don't care if it's the @@ -137,14 +162,13 @@ pg_GSS_continue(PGconn *conn) * packet. */ if (pqPacketSend(conn, 'p', - conn->goutbuf.value, conn->goutbuf.length) - != STATUS_OK) + goutbuf.value, goutbuf.length) != STATUS_OK) { - gss_release_buffer(&lmin_s, &conn->goutbuf); + gss_release_buffer(&lmin_s, &goutbuf); return STATUS_ERROR; } } - gss_release_buffer(&lmin_s, &conn->goutbuf); + gss_release_buffer(&lmin_s, &goutbuf); if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED) { @@ -167,14 +191,15 @@ pg_GSS_continue(PGconn *conn) * Send initial GSS authentication token */ static int -pg_GSS_startup(PGconn *conn) +pg_GSS_startup(PGconn *conn, int payloadlen) { OM_uint32 maj_stat, min_stat; int maxlen; gss_buffer_desc temp_gbuf; + char *host = PQhost(conn); - if (!(conn->pghost && conn->pghost[0] != '\0')) + if (!(host && host[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); @@ -201,7 +226,7 @@ pg_GSS_startup(PGconn *conn) return STATUS_ERROR; } snprintf(temp_gbuf.value, maxlen, "%s@%s", - conn->krbsrvname, conn->pghost); + conn->krbsrvname, host); temp_gbuf.length = strlen(temp_gbuf.value); maj_stat = gss_import_name(&min_stat, &temp_gbuf, @@ -222,7 +247,7 @@ pg_GSS_startup(PGconn *conn) */ conn->gctx = GSS_C_NO_CONTEXT; - return pg_GSS_continue(conn); + return pg_GSS_continue(conn, payloadlen); } #endif /* ENABLE_GSS */ @@ -252,7 +277,7 @@ pg_SSPI_error(PGconn *conn, const char *mprefix, SECURITY_STATUS r) * Continue SSPI authentication with next token as needed. */ static int -pg_SSPI_continue(PGconn *conn) +pg_SSPI_continue(PGconn *conn, int payloadlen) { SECURITY_STATUS r; CtxtHandle newContext; @@ -261,6 +286,7 @@ pg_SSPI_continue(PGconn *conn) SecBufferDesc outbuf; SecBuffer OutBuffers[1]; SecBuffer InBuffers[1]; + char *inputbuf = NULL; if (conn->sspictx != NULL) { @@ -268,11 +294,29 @@ pg_SSPI_continue(PGconn *conn) * On runs other than the first we have some data to send. Put this * data in a SecBuffer type structure. */ + inputbuf = malloc(payloadlen); + if (!inputbuf) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory allocating SSPI buffer (%d)\n"), + payloadlen); + return STATUS_ERROR; + } + if (pqGetnchar(inputbuf, payloadlen, conn)) + { + /* + * Shouldn't happen, because the caller should've ensured that the + * whole message is already in the input buffer. + */ + free(inputbuf); + return STATUS_ERROR; + } + inbuf.ulVersion = SECBUFFER_VERSION; inbuf.cBuffers = 1; inbuf.pBuffers = InBuffers; - InBuffers[0].pvBuffer = conn->ginbuf.value; - InBuffers[0].cbBuffer = conn->ginbuf.length; + InBuffers[0].pvBuffer = inputbuf; + InBuffers[0].cbBuffer = payloadlen; InBuffers[0].BufferType = SECBUFFER_TOKEN; } @@ -296,6 +340,10 @@ pg_SSPI_continue(PGconn *conn) &contextAttr, NULL); + /* we don't need the input anymore */ + if (inputbuf) + free(inputbuf); + if (r != SEC_E_OK && r != SEC_I_CONTINUE_NEEDED) { pg_SSPI_error(conn, libpq_gettext("SSPI continuation error"), r); @@ -314,16 +362,6 @@ pg_SSPI_continue(PGconn *conn) } memcpy(conn->sspictx, &newContext, sizeof(CtxtHandle)); } - else - { - /* - * On subsequent runs when we had data to send, free buffers that - * contained this data. - */ - free(conn->ginbuf.value); - conn->ginbuf.value = NULL; - conn->ginbuf.length = 0; - } /* * If SSPI returned any data to be sent to the server (as it normally @@ -370,10 +408,11 @@ pg_SSPI_continue(PGconn *conn) * which supports both kerberos and NTLM, but is not compatible with Unix. */ static int -pg_SSPI_startup(PGconn *conn, int use_negotiate) +pg_SSPI_startup(PGconn *conn, int use_negotiate, int payloadlen) { SECURITY_STATUS r; TimeStamp expire; + char *host = PQhost(conn); conn->sspictx = NULL; @@ -409,19 +448,19 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate) * but not more complex. We can skip the @REALM part, because Windows will * fill that in for us automatically. */ - if (!(conn->pghost && conn->pghost[0] != '\0')) + if (!(host && host[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); return STATUS_ERROR; } - conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(conn->pghost) + 2); + conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(host) + 2); if (!conn->sspitarget) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("out of memory\n")); return STATUS_ERROR; } - sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, conn->pghost); + sprintf(conn->sspitarget, "%s/%s", conn->krbsrvname, host); /* * Indicate that we're in SSPI authentication mode to make sure that @@ -429,11 +468,208 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate) */ conn->usesspi = 1; - return pg_SSPI_continue(conn); + return pg_SSPI_continue(conn, payloadlen); } #endif /* ENABLE_SSPI */ /* + * Initialize SASL authentication exchange. + */ +static int +pg_SASL_init(PGconn *conn, int payloadlen) +{ + char *initialresponse = NULL; + int initialresponselen; + bool done; + bool success; + const char *selected_mechanism; + PQExpBufferData mechanism_buf; + + initPQExpBuffer(&mechanism_buf); + + if (conn->sasl_state) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("duplicate SASL authentication request\n")); + goto error; + } + + /* + * Parse the list of SASL authentication mechanisms in the + * AuthenticationSASL message, and select the best mechanism that we + * support. (Only SCRAM-SHA-256 is supported at the moment.) + */ + selected_mechanism = NULL; + for (;;) + { + if (pqGets(&mechanism_buf, conn)) + { + printfPQExpBuffer(&conn->errorMessage, + "fe_sendauth: invalid authentication request from server: invalid list of authentication mechanisms\n"); + goto error; + } + if (PQExpBufferDataBroken(mechanism_buf)) + goto oom_error; + + /* An empty string indicates end of list */ + if (mechanism_buf.data[0] == '\0') + break; + + /* + * If we have already selected a mechanism, just skip through the rest + * of the list. + */ + if (selected_mechanism) + continue; + + /* + * Do we support this mechanism? + */ + if (strcmp(mechanism_buf.data, SCRAM_SHA256_NAME) == 0) + { + char *password; + + conn->password_needed = true; + password = conn->connhost[conn->whichhost].password; + if (password == NULL) + password = conn->pgpass; + if (password == NULL || password[0] == '\0') + { + printfPQExpBuffer(&conn->errorMessage, + PQnoPasswordSupplied); + goto error; + } + + conn->sasl_state = pg_fe_scram_init(conn->pguser, password); + if (!conn->sasl_state) + goto oom_error; + selected_mechanism = SCRAM_SHA256_NAME; + } + } + + if (!selected_mechanism) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("none of the server's SASL authentication mechanisms are supported\n")); + goto error; + } + + /* Get the mechanism-specific Initial Client Response, if any */ + pg_fe_scram_exchange(conn->sasl_state, + NULL, -1, + &initialresponse, &initialresponselen, + &done, &success, &conn->errorMessage); + + if (done && !success) + goto error; + + /* + * Build a SASLInitialResponse message, and send it. + */ + if (pqPutMsgStart('p', true, conn)) + goto error; + if (pqPuts(selected_mechanism, conn)) + goto error; + if (initialresponse) + { + if (pqPutInt(initialresponselen, 4, conn)) + goto error; + if (pqPutnchar(initialresponse, initialresponselen, conn)) + goto error; + } + if (pqPutMsgEnd(conn)) + goto error; + if (pqFlush(conn)) + goto error; + + termPQExpBuffer(&mechanism_buf); + if (initialresponse) + free(initialresponse); + + return STATUS_OK; + +error: + termPQExpBuffer(&mechanism_buf); + if (initialresponse) + free(initialresponse); + return STATUS_ERROR; + +oom_error: + termPQExpBuffer(&mechanism_buf); + if (initialresponse) + free(initialresponse); + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory\n")); + return STATUS_ERROR; +} + +/* + * Exchange a message for SASL communication protocol with the backend. + * This should be used after calling pg_SASL_init to set up the status of + * the protocol. + */ +static int +pg_SASL_continue(PGconn *conn, int payloadlen, bool final) +{ + char *output; + int outputlen; + bool done; + bool success; + int res; + char *challenge; + + /* Read the SASL challenge from the AuthenticationSASLContinue message. */ + challenge = malloc(payloadlen + 1); + if (!challenge) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory allocating SASL buffer (%d)\n"), + payloadlen); + return STATUS_ERROR; + } + + if (pqGetnchar(challenge, payloadlen, conn)) + { + free(challenge); + return STATUS_ERROR; + } + /* For safety and convenience, ensure the buffer is NULL-terminated. */ + challenge[payloadlen] = '\0'; + + pg_fe_scram_exchange(conn->sasl_state, + challenge, payloadlen, + &output, &outputlen, + &done, &success, &conn->errorMessage); + free(challenge); /* don't need the input anymore */ + + if (final && !done) + { + if (outputlen != 0) + free(output); + + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("AuthenticationSASLFinal received from server, but SASL authentication was not completed\n")); + return STATUS_ERROR; + } + if (outputlen != 0) + { + /* + * Send the SASL response to the server. + */ + res = pqPacketSend(conn, 'p', output, outputlen); + free(output); + + if (res != STATUS_OK) + return STATUS_ERROR; + } + + if (done && !success) + return STATUS_ERROR; + + return STATUS_OK; +} + +/* * Respond to AUTH_REQ_SCM_CREDS challenge. * * Note: this is dead code as of Postgres 9.1, because current backends will @@ -500,6 +736,14 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) int ret; char *crypt_pwd = NULL; const char *pwd_to_send; + char md5Salt[4]; + + /* Read the salt from the AuthenticationMD5 message. */ + if (areq == AUTH_REQ_MD5) + { + if (pqGetnchar(md5Salt, 4, conn)) + return STATUS_ERROR; /* shouldn't happen */ + } /* Encrypt the password if needed. */ @@ -525,8 +769,8 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) free(crypt_pwd); return STATUS_ERROR; } - if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), conn->md5Salt, - sizeof(conn->md5Salt), crypt_pwd)) + if (!pg_md5_encrypt(crypt_pwd2 + strlen("md5"), md5Salt, + 4, crypt_pwd)) { free(crypt_pwd); return STATUS_ERROR; @@ -553,10 +797,17 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) /* * pg_fe_sendauth - * client demux routine for outgoing authentication information + * client demux routine for processing an authentication request + * + * The server has sent us an authentication challenge (or OK). Send an + * appropriate response. The caller has ensured that the whole message is + * now in the input buffer, and has already read the type and length of + * it. We are responsible for reading any remaining extra data, specific + * to the authentication method. 'payloadlen' is the remaining length in + * the message. */ int -pg_fe_sendauth(AuthRequest areq, PGconn *conn) +pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn) { switch (areq) { @@ -594,13 +845,13 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn) */ #if defined(ENABLE_GSS) && defined(ENABLE_SSPI) if (conn->gsslib && (pg_strcasecmp(conn->gsslib, "gssapi") == 0)) - r = pg_GSS_startup(conn); + r = pg_GSS_startup(conn, payloadlen); else - r = pg_SSPI_startup(conn, 0); + r = pg_SSPI_startup(conn, 0, payloadlen); #elif defined(ENABLE_GSS) && !defined(ENABLE_SSPI) - r = pg_GSS_startup(conn); + r = pg_GSS_startup(conn, payloadlen); #elif !defined(ENABLE_GSS) && defined(ENABLE_SSPI) - r = pg_SSPI_startup(conn, 0); + r = pg_SSPI_startup(conn, 0, payloadlen); #endif if (r != STATUS_OK) { @@ -619,13 +870,13 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn) pglock_thread(); #if defined(ENABLE_GSS) && defined(ENABLE_SSPI) if (conn->usesspi) - r = pg_SSPI_continue(conn); + r = pg_SSPI_continue(conn, payloadlen); else - r = pg_GSS_continue(conn); + r = pg_GSS_continue(conn, payloadlen); #elif defined(ENABLE_GSS) && !defined(ENABLE_SSPI) - r = pg_GSS_continue(conn); + r = pg_GSS_continue(conn, payloadlen); #elif !defined(ENABLE_GSS) && defined(ENABLE_SSPI) - r = pg_SSPI_continue(conn); + r = pg_SSPI_continue(conn, payloadlen); #endif if (r != STATUS_OK) { @@ -654,7 +905,7 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn) * negotiation instead of Kerberos. */ pglock_thread(); - if (pg_SSPI_startup(conn, 1) != STATUS_OK) + if (pg_SSPI_startup(conn, 1, payloadlen) != STATUS_OK) { /* Error message already filled in. */ pgunlock_thread(); @@ -686,17 +937,56 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn) case AUTH_REQ_MD5: case AUTH_REQ_PASSWORD: - conn->password_needed = true; - if (conn->pgpass == NULL || conn->pgpass[0] == '\0') { - printfPQExpBuffer(&conn->errorMessage, - PQnoPasswordSupplied); + char *password; + + conn->password_needed = true; + password = conn->connhost[conn->whichhost].password; + if (password == NULL) + password = conn->pgpass; + if (password == NULL || password[0] == '\0') + { + printfPQExpBuffer(&conn->errorMessage, + PQnoPasswordSupplied); + return STATUS_ERROR; + } + if (pg_password_sendauth(conn, password, areq) != STATUS_OK) + { + printfPQExpBuffer(&conn->errorMessage, + "fe_sendauth: error sending password authentication\n"); + return STATUS_ERROR; + } + break; + } + + case AUTH_REQ_SASL: + + /* + * The request contains the name (as assigned by IANA) of the + * authentication mechanism. + */ + if (pg_SASL_init(conn, payloadlen) != STATUS_OK) + { + /* pg_SASL_init already set the error message */ return STATUS_ERROR; } - if (pg_password_sendauth(conn, conn->pgpass, areq) != STATUS_OK) + break; + + case AUTH_REQ_SASL_CONT: + case AUTH_REQ_SASL_FIN: + if (conn->sasl_state == NULL) { printfPQExpBuffer(&conn->errorMessage, - "fe_sendauth: error sending password authentication\n"); + "fe_sendauth: invalid authentication request from server: AUTH_REQ_SASL_CONT without AUTH_REQ_SASL\n"); + return STATUS_ERROR; + } + if (pg_SASL_continue(conn, payloadlen, + (areq == AUTH_REQ_SASL_FIN)) != STATUS_OK) + { + /* Use error message, if set already */ + if (conn->errorMessage.len == 0) + printfPQExpBuffer(&conn->errorMessage, + "fe_sendauth: error in SASL authentication\n"); return STATUS_ERROR; } break; @@ -790,37 +1080,144 @@ pg_fe_getauthname(PQExpBuffer errorMessage) /* - * PQencryptPassword -- exported routine to encrypt a password + * PQencryptPassword -- exported routine to encrypt a password with MD5 + * + * This function is equivalent to calling PQencryptPasswordConn with + * "md5" as the encryption method, except that this doesn't require + * a connection object. This function is deprecated, use + * PQencryptPasswordConn instead. + */ +char * +PQencryptPassword(const char *passwd, const char *user) +{ + char *crypt_pwd; + + crypt_pwd = malloc(MD5_PASSWD_LEN + 1); + if (!crypt_pwd) + return NULL; + + if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd)) + { + free(crypt_pwd); + return NULL; + } + + return crypt_pwd; +} + +/* + * PQencryptPasswordConn -- exported routine to encrypt a password * * This is intended to be used by client applications that wish to send * commands like ALTER USER joe PASSWORD 'pwd'. The password need not * be sent in cleartext if it is encrypted on the client side. This is * good because it ensures the cleartext password won't end up in logs, * pg_stat displays, etc. We export the function so that clients won't - * be dependent on low-level details like whether the enceyption is MD5 + * be dependent on low-level details like whether the encryption is MD5 * or something else. * - * Arguments are the cleartext password, and the SQL name of the user it - * is for. + * Arguments are a connection object, the cleartext password, the SQL + * name of the user it is for, and a string indicating the algorithm to + * use for encrypting the password. If algorithm is NULL, this queries + * the server for the current 'password_encryption' value. If you wish + * to avoid that, e.g. to avoid blocking, you can execute + * 'show password_encryption' yourself before calling this function, and + * pass it as the algorithm. * - * Return value is a malloc'd string, or NULL if out-of-memory. The client - * may assume the string doesn't contain any special characters that would - * require escaping. + * Return value is a malloc'd string. The client may assume the string + * doesn't contain any special characters that would require escaping. + * On error, an error message is stored in the connection object, and + * returns NULL. */ char * -PQencryptPassword(const char *passwd, const char *user) +PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, + const char *algorithm) { - char *crypt_pwd; +#define MAX_ALGORITHM_NAME_LEN 50 + char algobuf[MAX_ALGORITHM_NAME_LEN + 1]; + char *crypt_pwd = NULL; - crypt_pwd = malloc(MD5_PASSWD_LEN + 1); - if (!crypt_pwd) + if (!conn) return NULL; - if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd)) + /* If no algorithm was given, ask the server. */ + if (algorithm == NULL) { - free(crypt_pwd); + PGresult *res; + char *val; + + res = PQexec(conn, "show password_encryption"); + if (res == NULL) + { + /* PQexec() should've set conn->errorMessage already */ + return NULL; + } + if (PQresultStatus(res) != PGRES_TUPLES_OK) + { + /* PQexec() should've set conn->errorMessage already */ + PQclear(res); + return NULL; + } + if (PQntuples(res) != 1 || PQnfields(res) != 1) + { + PQclear(res); + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("unexpected shape of result set returned for SHOW\n")); + return NULL; + } + val = PQgetvalue(res, 0, 0); + + if (strlen(val) > MAX_ALGORITHM_NAME_LEN) + { + PQclear(res); + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("password_encryption value too long\n")); + return NULL; + } + strcpy(algobuf, val); + PQclear(res); + + algorithm = algobuf; + } + + /* + * Also accept "on" and "off" as aliases for "md5", because + * password_encryption was a boolean before PostgreSQL 10. We refuse to + * send the password in plaintext even if it was "off". + */ + if (strcmp(algorithm, "on") == 0 || + strcmp(algorithm, "off") == 0) + algorithm = "md5"; + + /* + * Ok, now we know what algorithm to use + */ + if (strcmp(algorithm, "scram-sha-256") == 0) + { + crypt_pwd = pg_fe_scram_build_verifier(passwd); + } + else if (strcmp(algorithm, "md5") == 0) + { + crypt_pwd = malloc(MD5_PASSWD_LEN + 1); + if (crypt_pwd) + { + if (!pg_md5_encrypt(passwd, user, strlen(user), crypt_pwd)) + { + free(crypt_pwd); + crypt_pwd = NULL; + } + } + } + else + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("unknown password encryption algorithm\n")); return NULL; } + if (!crypt_pwd) + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory\n")); + return crypt_pwd; } diff --git a/src/interfaces/libpq/fe-auth.h b/src/interfaces/libpq/fe-auth.h index 9d11654dd1..9f4c2a50d8 100644 --- a/src/interfaces/libpq/fe-auth.h +++ b/src/interfaces/libpq/fe-auth.h @@ -4,7 +4,7 @@ * * Definitions for network authentication routines * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/fe-auth.h @@ -18,7 +18,16 @@ #include "libpq-int.h" -extern int pg_fe_sendauth(AuthRequest areq, PGconn *conn); +/* Prototypes for functions in fe-auth.c */ +extern int pg_fe_sendauth(AuthRequest areq, int payloadlen, PGconn *conn); extern char *pg_fe_getauthname(PQExpBuffer errorMessage); +/* Prototypes for functions in fe-auth-scram.c */ +extern void *pg_fe_scram_init(const char *username, const char *password); +extern void pg_fe_scram_free(void *opaq); +extern void pg_fe_scram_exchange(void *opaq, char *input, int inputlen, + char **output, int *outputlen, + bool *done, bool *success, PQExpBuffer errorMessage); +extern char *pg_fe_scram_build_verifier(const char *password); + #endif /* FE_AUTH_H */ diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 76b61bdc25..f2c9bf7a88 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -3,7 +3,7 @@ * fe-connect.c * functions related to setting up a connection to the backend * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * @@ -15,7 +15,6 @@ #include "postgres_fe.h" -#include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> #include <ctype.h> @@ -38,7 +37,7 @@ #endif #define near #include <shlobj.h> -#ifdef WIN32_ONLY_COMPILER /* mstcpip.h is missing on mingw */ +#ifdef _MSC_VER /* mstcpip.h is missing on mingw */ #include <mstcpip.h> #endif #else @@ -72,13 +71,9 @@ static int ldapServiceLookup(const char *purl, PQconninfoOption *options, PQExpBuffer errorMessage); #endif -#include "libpq/ip.h" +#include "common/ip.h" #include "mb/pg_wchar.h" -#ifndef FD_CLOEXEC -#define FD_CLOEXEC 1 -#endif - #ifndef WIN32 #define PGPASSFILE ".pgpass" @@ -107,7 +102,7 @@ static int ldapServiceLookup(const char *purl, PQconninfoOption *options, #define DefaultTty "" #define DefaultOption "" #define DefaultAuthtype "" -#define DefaultPassword "" +#define DefaultTargetSessionAttrs "any" #ifdef USE_SSL #define DefaultSSLMode "prefer" #else @@ -184,6 +179,10 @@ static const internalPQconninfoOption PQconninfoOptions[] = { "Database-Password", "*", 20, offsetof(struct pg_conn, pgpass)}, + {"passfile", "PGPASSFILE", NULL, NULL, + "Database-Password-File", "", 64, + offsetof(struct pg_conn, pgpassfile)}, + {"connect_timeout", "PGCONNECT_TIMEOUT", NULL, NULL, "Connect-timeout", "", 10, /* strlen(INT32_MAX) == 10 */ offsetof(struct pg_conn, connect_timeout)}, @@ -300,6 +299,11 @@ static const internalPQconninfoOption PQconninfoOptions[] = { "Replication", "D", 5, offsetof(struct pg_conn, replication)}, + {"target_session_attrs", "PGTARGETSESSIONATTRS", + DefaultTargetSessionAttrs, NULL, + "Target-Session-Attrs", "", 11, /* sizeof("read-write") = 11 */ + offsetof(struct pg_conn, target_session_attrs)}, + /* Terminating entry --- MUST BE LAST */ {NULL, NULL, NULL, NULL, NULL, NULL, 0} @@ -336,6 +340,8 @@ static PGconn *makeEmptyPGconn(void); static bool fillPGconn(PGconn *conn, PQconninfoOption *connOptions); static void freePGconn(PGconn *conn); static void closePGconn(PGconn *conn); +static void release_all_addrinfo(PGconn *conn); +static void sendTerminateConn(PGconn *conn); static PQconninfoOption *conninfo_init(PQExpBuffer errorMessage); static PQconninfoOption *parse_connection_string(const char *conninfo, PQExpBuffer errorMessage, bool use_defaults); @@ -374,10 +380,9 @@ static int parseServiceFile(const char *serviceFile, PQExpBuffer errorMessage, bool *group_found); static char *pwdfMatchesString(char *buf, char *token); -static char *PasswordFromFile(char *hostname, char *port, char *dbname, - char *username); -static bool getPgPassFilename(char *pgpassfile); -static void dot_pg_pass_warning(PGconn *conn); +static char *passwordFromFile(char *hostname, char *port, char *dbname, + char *username, char *pgpassfile); +static void pgpassfileWarning(PGconn *conn); static void default_threadlock(int acquire); @@ -771,6 +776,147 @@ static bool connectOptions2(PGconn *conn) { /* + * Allocate memory for details about each host to which we might possibly + * try to connect. If pghostaddr is set, we're only going to try to + * connect to that one particular address. If it's not, we'll use pghost, + * which may contain multiple, comma-separated names. + */ + conn->nconnhost = 1; + conn->whichhost = 0; + if ((conn->pghostaddr == NULL || conn->pghostaddr[0] == '\0') + && conn->pghost != NULL) + { + char *s; + + for (s = conn->pghost; *s != '\0'; ++s) + if (*s == ',') + conn->nconnhost++; + } + conn->connhost = (pg_conn_host *) + calloc(conn->nconnhost, sizeof(pg_conn_host)); + if (conn->connhost == NULL) + goto oom_error; + + /* + * We now have one pg_conn_host structure per possible host. Fill in the + * host details for each one. + */ + if (conn->pghostaddr != NULL && conn->pghostaddr[0] != '\0') + { + conn->connhost[0].host = strdup(conn->pghostaddr); + if (conn->connhost[0].host == NULL) + goto oom_error; + conn->connhost[0].type = CHT_HOST_ADDRESS; + } + else if (conn->pghost != NULL && conn->pghost[0] != '\0') + { + int i = 0; + char *s = conn->pghost; + + while (1) + { + char *e = s; + + /* + * Search for the end of the current hostname; a comma or + * end-of-string acts as a terminator. + */ + while (*e != '\0' && *e != ',') + ++e; + + /* Copy the hostname whose bounds we just identified. */ + conn->connhost[i].host = + (char *) malloc(sizeof(char) * (e - s + 1)); + if (conn->connhost[i].host == NULL) + goto oom_error; + memcpy(conn->connhost[i].host, s, e - s); + conn->connhost[i].host[e - s] = '\0'; + + /* Identify the type of host. */ + conn->connhost[i].type = CHT_HOST_NAME; +#ifdef HAVE_UNIX_SOCKETS + if (is_absolute_path(conn->connhost[i].host)) + conn->connhost[i].type = CHT_UNIX_SOCKET; +#endif + + /* Prepare to find the next host (if any). */ + if (*e == '\0') + break; + s = e + 1; + i++; + } + } + else + { +#ifdef HAVE_UNIX_SOCKETS + conn->connhost[0].host = strdup(DEFAULT_PGSOCKET_DIR); + conn->connhost[0].type = CHT_UNIX_SOCKET; +#else + conn->connhost[0].host = strdup(DefaultHost); + conn->connhost[0].type = CHT_HOST_NAME; +#endif + if (conn->connhost[0].host == NULL) + goto oom_error; + } + + /* + * Next, work out the port number corresponding to each host name. + */ + if (conn->pgport != NULL && conn->pgport[0] != '\0') + { + int i = 0; + char *s = conn->pgport; + int nports = 1; + + for (i = 0; i < conn->nconnhost; ++i) + { + char *e = s; + + /* Search for the end of the current port number. */ + while (*e != '\0' && *e != ',') + ++e; + + /* + * If we found a port number of non-zero length, copy it. + * Otherwise, insert the default port number. + */ + if (e > s) + { + conn->connhost[i].port = + (char *) malloc(sizeof(char) * (e - s + 1)); + if (conn->connhost[i].port == NULL) + goto oom_error; + memcpy(conn->connhost[i].port, s, e - s); + conn->connhost[i].port[e - s] = '\0'; + } + + /* + * Move on to the next port number, unless there are no more. (If + * only one part number is specified, we reuse it for every host.) + */ + if (*e != '\0') + { + s = e + 1; + ++nports; + } + } + + /* + * If multiple ports were specified, there must be exactly as many + * ports as there were hosts. Otherwise, we do not know how to match + * them up. + */ + if (nports != 1 && nports != conn->nconnhost) + { + conn->status = CONNECTION_BAD; + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not match %d port numbers to %d hosts\n"), + nports, conn->nconnhost); + return false; + } + } + + /* * If user name was not given, fetch it. (Most likely, the fetch will * fail, since the only way we get here is if pg_fe_getauthname() failed * during conninfo_add_defaults(). But now we want an error message.) @@ -800,33 +946,58 @@ connectOptions2(PGconn *conn) } /* - * Supply default password if none given + * Supply default password if none given. Note that the password might be + * different for each host/port pair. */ if (conn->pgpass == NULL || conn->pgpass[0] == '\0') { - if (conn->pgpass) - free(conn->pgpass); - conn->pgpass = PasswordFromFile(conn->pghost, conn->pgport, - conn->dbName, conn->pguser); - if (conn->pgpass == NULL) + int i; + + if (conn->pgpassfile == NULL || conn->pgpassfile[0] == '\0') { - conn->pgpass = strdup(DefaultPassword); - if (!conn->pgpass) + /* Identify password file to use; fail if we can't */ + char homedir[MAXPGPATH]; + + if (!pqGetHomeDirectory(homedir, sizeof(homedir))) + { + conn->status = CONNECTION_BAD; + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not get home directory to locate password file\n")); + return false; + } + + if (conn->pgpassfile) + free(conn->pgpassfile); + conn->pgpassfile = malloc(MAXPGPATH); + if (!conn->pgpassfile) goto oom_error; + + snprintf(conn->pgpassfile, MAXPGPATH, "%s/%s", homedir, PGPASSFILE); } - else - conn->dot_pgpass_used = true; - } - /* - * Allow unix socket specification in the host name - */ - if (conn->pghost && is_absolute_path(conn->pghost)) - { - if (conn->pgunixsocket) - free(conn->pgunixsocket); - conn->pgunixsocket = conn->pghost; - conn->pghost = NULL; + for (i = 0; i < conn->nconnhost; i++) + { + /* + * Try to get a password for this host from pgpassfile. We use + * host name rather than host address in the same manner to + * PQhost(). + */ + char *pwhost = conn->connhost[i].host; + + if (conn->connhost[i].type == CHT_HOST_ADDRESS && + conn->pghost != NULL && conn->pghost[0] != '\0') + pwhost = conn->pghost; + + conn->connhost[i].password = + passwordFromFile(pwhost, + conn->connhost[i].port, + conn->dbName, + conn->pguser, + conn->pgpassfile); + /* If we got one, set pgpassfile_used */ + if (conn->connhost[i].password != NULL) + conn->pgpassfile_used = true; + } } /* @@ -890,6 +1061,22 @@ connectOptions2(PGconn *conn) } /* + * Validate target_session_attrs option. + */ + if (conn->target_session_attrs) + { + if (strcmp(conn->target_session_attrs, "any") != 0 + && strcmp(conn->target_session_attrs, "read-write") != 0) + { + conn->status = CONNECTION_BAD; + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("invalid target_session_attrs value: \"%s\"\n"), + conn->target_session_attrs); + return false; + } + } + + /* * Only if we get this far is it appropriate to try to connect. (We need a * state flag, rather than just the boolean result of this function, in * case someone tries to PQreset() the PGconn.) @@ -1142,6 +1329,7 @@ connectFailureMessage(PGconn *conn, int errorno) { char host_addr[NI_MAXHOST]; const char *displayed_host; + const char *displayed_port; struct sockaddr_storage *addr = &conn->raddr.addr; /* @@ -1171,12 +1359,11 @@ connectFailureMessage(PGconn *conn, int errorno) else strcpy(host_addr, "???"); - if (conn->pghostaddr && conn->pghostaddr[0] != '\0') - displayed_host = conn->pghostaddr; - else if (conn->pghost && conn->pghost[0] != '\0') - displayed_host = conn->pghost; - else - displayed_host = DefaultHost; + /* To which host and port were we actually connecting? */ + displayed_host = conn->connhost[conn->whichhost].host; + displayed_port = conn->connhost[conn->whichhost].port; + if (displayed_port == NULL || displayed_port[0] == '\0') + displayed_port = DEF_PGPORT_STR; /* * If the user did not supply an IP address using 'hostaddr', and @@ -1192,7 +1379,7 @@ connectFailureMessage(PGconn *conn, int errorno) SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)), displayed_host, host_addr, - conn->pgport); + displayed_port); else appendPQExpBuffer(&conn->errorMessage, libpq_gettext("could not connect to server: %s\n" @@ -1200,7 +1387,7 @@ connectFailureMessage(PGconn *conn, int errorno) "\tTCP/IP connections on port %s?\n"), SOCK_STRERROR(errorno, sebuf, sizeof(sebuf)), displayed_host, - conn->pgport); + displayed_port); } } @@ -1252,7 +1439,7 @@ setKeepalivesIdle(PGconn *conn) } #else #ifdef TCP_KEEPALIVE - /* Darwin uses TCP_KEEPALIVE rather than TCP_KEEPIDLE */ + /* macOS uses TCP_KEEPALIVE rather than TCP_KEEPIDLE */ if (setsockopt(conn->sock, IPPROTO_TCP, TCP_KEEPALIVE, (char *) &idle, sizeof(idle)) < 0) { @@ -1390,12 +1577,9 @@ setKeepalivesWin32(PGconn *conn) static int connectDBStart(PGconn *conn) { - int portnum; char portstr[MAXPGPATH]; - struct addrinfo *addrs = NULL; - struct addrinfo hint; - const char *node; int ret; + int i; if (!conn) return 0; @@ -1408,83 +1592,86 @@ connectDBStart(PGconn *conn) conn->outCount = 0; /* - * Determine the parameters to pass to pg_getaddrinfo_all. + * Look up socket addresses for each possible host using + * pg_getaddrinfo_all. */ + for (i = 0; i < conn->nconnhost; ++i) + { + pg_conn_host *ch = &conn->connhost[i]; + char *node = ch->host; + struct addrinfo hint; + int thisport; - /* Initialize hint structure */ - MemSet(&hint, 0, sizeof(hint)); - hint.ai_socktype = SOCK_STREAM; - hint.ai_family = AF_UNSPEC; + /* Initialize hint structure */ + MemSet(&hint, 0, sizeof(hint)); + hint.ai_socktype = SOCK_STREAM; + hint.ai_family = AF_UNSPEC; - /* Set up port number as a string */ - if (conn->pgport != NULL && conn->pgport[0] != '\0') - { - portnum = atoi(conn->pgport); - if (portnum < 1 || portnum > 65535) + /* Figure out the port number we're going to use. */ + if (ch->port == NULL) + thisport = DEF_PGPORT; + else { - appendPQExpBuffer(&conn->errorMessage, + thisport = atoi(ch->port); + if (thisport < 1 || thisport > 65535) + { + appendPQExpBuffer(&conn->errorMessage, libpq_gettext("invalid port number: \"%s\"\n"), - conn->pgport); - conn->options_valid = false; - goto connect_errReturn; + ch->port); + conn->options_valid = false; + goto connect_errReturn; + } } - } - else - portnum = DEF_PGPORT; - snprintf(portstr, sizeof(portstr), "%d", portnum); + snprintf(portstr, sizeof(portstr), "%d", thisport); - if (conn->pghostaddr != NULL && conn->pghostaddr[0] != '\0') - { - /* Using pghostaddr avoids a hostname lookup */ - node = conn->pghostaddr; - hint.ai_family = AF_UNSPEC; - hint.ai_flags = AI_NUMERICHOST; - } - else if (conn->pghost != NULL && conn->pghost[0] != '\0') - { - /* Using pghost, so we have to look-up the hostname */ - node = conn->pghost; - hint.ai_family = AF_UNSPEC; - } - else - { + /* Set up for name resolution. */ + switch (ch->type) + { + case CHT_HOST_NAME: + break; + case CHT_HOST_ADDRESS: + hint.ai_flags = AI_NUMERICHOST; + break; + case CHT_UNIX_SOCKET: #ifdef HAVE_UNIX_SOCKETS - /* pghostaddr and pghost are NULL, so use Unix domain socket */ - node = NULL; - hint.ai_family = AF_UNIX; - UNIXSOCK_PATH(portstr, portnum, conn->pgunixsocket); - if (strlen(portstr) >= UNIXSOCK_PATH_BUFLEN) + node = NULL; + hint.ai_family = AF_UNIX; + UNIXSOCK_PATH(portstr, thisport, ch->host); + if (strlen(portstr) >= UNIXSOCK_PATH_BUFLEN) + { + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n"), + portstr, + (int) (UNIXSOCK_PATH_BUFLEN - 1)); + conn->options_valid = false; + goto connect_errReturn; + } +#else + Assert(false); +#endif + break; + } + + /* Use pg_getaddrinfo_all() to resolve the address */ + ret = pg_getaddrinfo_all(node, portstr, &hint, &ch->addrlist); + if (ret || !ch->addrlist) { - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n"), - portstr, - (int) (UNIXSOCK_PATH_BUFLEN - 1)); + if (node) + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not translate host name \"%s\" to address: %s\n"), + node, gai_strerror(ret)); + else + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not translate Unix-domain socket path \"%s\" to address: %s\n"), + portstr, gai_strerror(ret)); + if (ch->addrlist) + { + pg_freeaddrinfo_all(hint.ai_family, ch->addrlist); + ch->addrlist = NULL; + } conn->options_valid = false; goto connect_errReturn; } -#else - /* Without Unix sockets, default to localhost instead */ - node = DefaultHost; - hint.ai_family = AF_UNSPEC; -#endif /* HAVE_UNIX_SOCKETS */ - } - - /* Use pg_getaddrinfo_all() to resolve the address */ - ret = pg_getaddrinfo_all(node, portstr, &hint, &addrs); - if (ret || !addrs) - { - if (node) - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not translate host name \"%s\" to address: %s\n"), - node, gai_strerror(ret)); - else - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not translate Unix-domain socket path \"%s\" to address: %s\n"), - portstr, gai_strerror(ret)); - if (addrs) - pg_freeaddrinfo_all(hint.ai_family, addrs); - conn->options_valid = false; - goto connect_errReturn; } #ifdef USE_SSL @@ -1498,9 +1685,8 @@ connectDBStart(PGconn *conn) /* * Set up to try to connect, with protocol 3.0 as the first attempt. */ - conn->addrlist = addrs; - conn->addr_cur = addrs; - conn->addrlist_family = hint.ai_family; + conn->whichhost = 0; + conn->addr_cur = conn->connhost[0].addrlist; conn->pversion = PG_PROTOCOL(3, 0); conn->send_appname = true; conn->status = CONNECTION_NEEDED; @@ -1534,6 +1720,7 @@ connectDBComplete(PGconn *conn) { PostgresPollingStatusType flag = PGRES_POLLING_WRITING; time_t finish_time = ((time_t) -1); + int timeout = 0; if (conn == NULL || conn->status == CONNECTION_BAD) return 0; @@ -1543,8 +1730,7 @@ connectDBComplete(PGconn *conn) */ if (conn->connect_timeout != NULL) { - int timeout = atoi(conn->connect_timeout); - + timeout = atoi(conn->connect_timeout); if (timeout > 0) { /* @@ -1559,6 +1745,8 @@ connectDBComplete(PGconn *conn) for (;;) { + int ret = 0; + /* * Wait, if necessary. Note that the initial state (just after * PQconnectStart) is to wait for the socket to select for writing. @@ -1575,7 +1763,8 @@ connectDBComplete(PGconn *conn) return 1; /* success! */ case PGRES_POLLING_READING: - if (pqWaitTimed(1, 0, conn, finish_time)) + ret = pqWaitTimed(1, 0, conn, finish_time); + if (ret == -1) { conn->status = CONNECTION_BAD; return 0; @@ -1583,7 +1772,8 @@ connectDBComplete(PGconn *conn) break; case PGRES_POLLING_WRITING: - if (pqWaitTimed(0, 1, conn, finish_time)) + ret = pqWaitTimed(0, 1, conn, finish_time); + if (ret == -1) { conn->status = CONNECTION_BAD; return 0; @@ -1596,6 +1786,23 @@ connectDBComplete(PGconn *conn) return 0; } + if (ret == 1) /* connect_timeout elapsed */ + { + /* If there are no more hosts, return (the error message is already set) */ + if (++conn->whichhost >= conn->nconnhost) + { + conn->whichhost = 0; + conn->status = CONNECTION_BAD; + return 0; + } + /* Attempt connection to the next host, starting the connect_timeout timer */ + pqDropConnection(conn, true); + conn->addr_cur = conn->connhost[conn->whichhost].addrlist; + conn->status = CONNECTION_NEEDED; + if (conn->connect_timeout != NULL) + finish_time = time(NULL) + timeout; + } + /* * Now try to advance the state machine. */ @@ -1603,6 +1810,39 @@ connectDBComplete(PGconn *conn) } } +/* + * This subroutine saves conn->errorMessage, which will be restored back by + * restoreErrorMessage subroutine. + */ +static bool +saveErrorMessage(PGconn *conn, PQExpBuffer savedMessage) +{ + initPQExpBuffer(savedMessage); + if (PQExpBufferBroken(savedMessage)) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("out of memory\n")); + return false; + } + + appendPQExpBufferStr(savedMessage, + conn->errorMessage.data); + resetPQExpBuffer(&conn->errorMessage); + return true; +} + +/* + * Restores saved error messages back to conn->errorMessage. + */ +static void +restoreErrorMessage(PGconn *conn, PQExpBuffer savedMessage) +{ + appendPQExpBufferStr(savedMessage, conn->errorMessage.data); + resetPQExpBuffer(&conn->errorMessage); + appendPQExpBufferStr(&conn->errorMessage, savedMessage->data); + termPQExpBuffer(savedMessage); +} + /* ---------------- * PQconnectPoll * @@ -1636,6 +1876,7 @@ PQconnectPoll(PGconn *conn) PGresult *res; char sebuf[256]; int optval; + PQExpBufferData savedMessage; if (conn == NULL) return PGRES_POLLING_FAILED; @@ -1679,6 +1920,8 @@ PQconnectPoll(PGconn *conn) /* Special cases: proceed without waiting. */ case CONNECTION_SSL_STARTUP: case CONNECTION_NEEDED: + case CONNECTION_CHECK_WRITABLE: + case CONNECTION_CONSUME: break; default: @@ -1702,11 +1945,27 @@ keep_going: /* We will come back to here until there is * returned by pg_getaddrinfo_all(). conn->addr_cur is the * next one to try. We fail when we run out of addresses. */ - while (conn->addr_cur != NULL) + for (;;) { - struct addrinfo *addr_cur = conn->addr_cur; + struct addrinfo *addr_cur; + + /* + * Advance to next possible host, if we've tried all of + * the addresses for the current host. + */ + if (conn->addr_cur == NULL) + { + if (++conn->whichhost >= conn->nconnhost) + { + conn->whichhost = 0; + break; + } + conn->addr_cur = + conn->connhost[conn->whichhost].addrlist; + } /* Remember current address for possible error msg */ + addr_cur = conn->addr_cur; memcpy(&conn->raddr.addr, addr_cur->ai_addr, addr_cur->ai_addrlen); conn->raddr.salen = addr_cur->ai_addrlen; @@ -1718,7 +1977,8 @@ keep_going: /* We will come back to here until there is * ignore socket() failure if we have more addresses * to try */ - if (addr_cur->ai_next != NULL) + if (addr_cur->ai_next != NULL || + conn->whichhost + 1 < conn->nconnhost) { conn->addr_cur = addr_cur->ai_next; continue; @@ -1902,7 +2162,7 @@ keep_going: /* We will come back to here until there is } /* loop over addresses */ /* - * Ooops, no more addresses. An appropriate error message is + * Oops, no more addresses. An appropriate error message is * already set up, so just set the right status. */ goto error_return; @@ -1944,7 +2204,8 @@ keep_going: /* We will come back to here until there is * If more addresses remain, keep trying, just as in the * case where connect() returned failure immediately. */ - if (conn->addr_cur->ai_next != NULL) + if (conn->addr_cur->ai_next != NULL || + conn->whichhost + 1 < conn->nconnhost) { conn->addr_cur = conn->addr_cur->ai_next; conn->status = CONNECTION_NEEDED; @@ -2248,6 +2509,7 @@ keep_going: /* We will come back to here until there is int msgLength; int avail; AuthRequest areq; + int res; /* * Scan the message from current point (note that if we find @@ -2437,73 +2699,50 @@ keep_going: /* We will come back to here until there is /* We'll come back when there are more data */ return PGRES_POLLING_READING; } - - /* Get the password salt if there is one. */ - if (areq == AUTH_REQ_MD5) - { - if (pqGetnchar(conn->md5Salt, - sizeof(conn->md5Salt), conn)) - { - /* We'll come back when there are more data */ - return PGRES_POLLING_READING; - } - } -#if defined(ENABLE_GSS) || defined(ENABLE_SSPI) + msgLength -= 4; /* - * Continue GSSAPI/SSPI authentication + * Ensure the password salt is in the input buffer, if it's an + * MD5 request. All the other authentication methods that + * contain extra data in the authentication request are only + * supported in protocol version 3, in which case we already + * read the whole message above. */ - if (areq == AUTH_REQ_GSS_CONT) + if (areq == AUTH_REQ_MD5 && PG_PROTOCOL_MAJOR(conn->pversion) < 3) { - int llen = msgLength - 4; + msgLength += 4; - /* - * We can be called repeatedly for the same buffer. Avoid - * re-allocating the buffer in this case - just re-use the - * old buffer. - */ - if (llen != conn->ginbuf.length) + avail = conn->inEnd - conn->inCursor; + if (avail < 4) { - if (conn->ginbuf.value) - free(conn->ginbuf.value); - - conn->ginbuf.length = llen; - conn->ginbuf.value = malloc(llen); - if (!conn->ginbuf.value) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("out of memory allocating GSSAPI buffer (%d)"), - llen); + /* + * Before returning, try to enlarge the input buffer + * if needed to hold the whole message; see notes in + * pqParseInput3. + */ + if (pqCheckInBufferSpace(conn->inCursor + (size_t) 4, + conn)) goto error_return; - } - } - - if (pqGetnchar(conn->ginbuf.value, llen, conn)) - { - /* We'll come back when there is more data. */ + /* We'll come back when there is more data */ return PGRES_POLLING_READING; } } -#endif - - /* - * OK, we successfully read the message; mark data consumed - */ - conn->inStart = conn->inCursor; - - /* Respond to the request if necessary. */ /* + * Process the rest of the authentication request message, and + * respond to it if necessary. + * * Note that conn->pghost must be non-NULL if we are going to * avoid the Kerberos code doing a hostname look-up. */ + res = pg_fe_sendauth(areq, msgLength, conn); + conn->errorMessage.len = strlen(conn->errorMessage.data); - if (pg_fe_sendauth(areq, conn) != STATUS_OK) - { - conn->errorMessage.len = strlen(conn->errorMessage.data); + /* OK, we have processed the message; mark data consumed */ + conn->inStart = conn->inCursor; + + if (res != STATUS_OK) goto error_return; - } - conn->errorMessage.len = strlen(conn->errorMessage.data); /* * Just make sure that any data sent by pg_fe_sendauth is @@ -2599,11 +2838,6 @@ keep_going: /* We will come back to here until there is goto error_return; } - /* We can release the address list now. */ - pg_freeaddrinfo_all(conn->addrlist_family, conn->addrlist); - conn->addrlist = NULL; - conn->addr_cur = NULL; - /* Fire up post-connection housekeeping if needed */ if (PG_PROTOCOL_MAJOR(conn->pversion) < 3) { @@ -2613,7 +2847,39 @@ keep_going: /* We will come back to here until there is return PGRES_POLLING_WRITING; } - /* Otherwise, we are open for business! */ + /* + * If a read-write connection is required, see if we have one. + */ + if (conn->target_session_attrs != NULL && + strcmp(conn->target_session_attrs, "read-write") == 0) + { + /* + * We are yet to make a connection. Save all existing + * error messages until we make a successful connection + * state. This is important because PQsendQuery is going + * to reset conn->errorMessage and we will lose error + * messages related to previous hosts we have tried to + * connect and failed. + */ + if (!saveErrorMessage(conn, &savedMessage)) + goto error_return; + + conn->status = CONNECTION_OK; + if (!PQsendQuery(conn, + "SHOW transaction_read_only")) + { + restoreErrorMessage(conn, &savedMessage); + goto error_return; + } + conn->status = CONNECTION_CHECK_WRITABLE; + restoreErrorMessage(conn, &savedMessage); + return PGRES_POLLING_READING; + } + + /* We can release the address lists now. */ + release_all_addrinfo(conn); + + /* We are open for business! */ conn->status = CONNECTION_OK; return PGRES_POLLING_OK; } @@ -2645,10 +2911,157 @@ keep_going: /* We will come back to here until there is goto error_return; } + /* + * If a read-write connection is requested check for same. + */ + if (conn->target_session_attrs != NULL && + strcmp(conn->target_session_attrs, "read-write") == 0) + { + if (!saveErrorMessage(conn, &savedMessage)) + goto error_return; + + conn->status = CONNECTION_OK; + if (!PQsendQuery(conn, + "SHOW transaction_read_only")) + { + restoreErrorMessage(conn, &savedMessage); + goto error_return; + } + conn->status = CONNECTION_CHECK_WRITABLE; + restoreErrorMessage(conn, &savedMessage); + return PGRES_POLLING_READING; + } + + /* We can release the address lists now. */ + release_all_addrinfo(conn); + /* We are open for business! */ conn->status = CONNECTION_OK; return PGRES_POLLING_OK; + case CONNECTION_CONSUME: + { + conn->status = CONNECTION_OK; + if (!PQconsumeInput(conn)) + goto error_return; + + if (PQisBusy(conn)) + { + conn->status = CONNECTION_CONSUME; + restoreErrorMessage(conn, &savedMessage); + return PGRES_POLLING_READING; + } + + /* + * Call PQgetResult() again to consume NULL result. + */ + res = PQgetResult(conn); + if (res != NULL) + { + PQclear(res); + conn->status = CONNECTION_CONSUME; + goto keep_going; + } + + /* We are open for business! */ + conn->status = CONNECTION_OK; + return PGRES_POLLING_OK; + } + case CONNECTION_CHECK_WRITABLE: + { + if (!saveErrorMessage(conn, &savedMessage)) + goto error_return; + + conn->status = CONNECTION_OK; + if (!PQconsumeInput(conn)) + { + restoreErrorMessage(conn, &savedMessage); + goto error_return; + } + + if (PQisBusy(conn)) + { + conn->status = CONNECTION_CHECK_WRITABLE; + restoreErrorMessage(conn, &savedMessage); + return PGRES_POLLING_READING; + } + + res = PQgetResult(conn); + if (res && (PQresultStatus(res) == PGRES_TUPLES_OK) && + PQntuples(res) == 1) + { + char *val; + + val = PQgetvalue(res, 0, 0); + if (strncmp(val, "on", 2) == 0) + { + PQclear(res); + restoreErrorMessage(conn, &savedMessage); + + /* Not writable; close connection. */ + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not make a writable " + "connection to server " + "\"%s:%s\"\n"), + conn->connhost[conn->whichhost].host, + conn->connhost[conn->whichhost].port); + conn->status = CONNECTION_OK; + sendTerminateConn(conn); + pqDropConnection(conn, true); + + /* Skip any remaining addresses for this host. */ + conn->addr_cur = NULL; + if (conn->whichhost + 1 < conn->nconnhost) + { + conn->status = CONNECTION_NEEDED; + goto keep_going; + } + + /* No more addresses to try. So we fail. */ + goto error_return; + } + PQclear(res); + termPQExpBuffer(&savedMessage); + + /* We can release the address lists now. */ + release_all_addrinfo(conn); + + /* + * Finish reading any remaining messages before being + * considered as ready. + */ + conn->status = CONNECTION_CONSUME; + goto keep_going; + } + + /* + * Something went wrong with "SHOW transaction_read_only". We + * should try next addresses. + */ + if (res) + PQclear(res); + restoreErrorMessage(conn, &savedMessage); + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("test \"SHOW transaction_read_only\" failed " + " on \"%s:%s\"\n"), + conn->connhost[conn->whichhost].host, + conn->connhost[conn->whichhost].port); + conn->status = CONNECTION_OK; + sendTerminateConn(conn); + pqDropConnection(conn, true); + + if (conn->addr_cur->ai_next != NULL || + conn->whichhost + 1 < conn->nconnhost) + { + conn->addr_cur = conn->addr_cur->ai_next; + conn->status = CONNECTION_NEEDED; + goto keep_going; + } + + /* No more addresses to try. So we fail. */ + goto error_return; + } + default: appendPQExpBuffer(&conn->errorMessage, libpq_gettext("invalid connection state %d, " @@ -2661,7 +3074,7 @@ keep_going: /* We will come back to here until there is error_return: - dot_pg_pass_warning(conn); + pgpassfileWarning(conn); /* * We used to close the socket at this point, but that makes it awkward @@ -2792,7 +3205,7 @@ makeEmptyPGconn(void) conn->sock = PGINVALID_SOCKET; conn->auth_req_received = false; conn->password_needed = false; - conn->dot_pgpass_used = false; + conn->pgpassfile_used = false; #ifdef USE_SSL conn->allow_ssl_try = true; conn->wait_ssl_try = false; @@ -2858,6 +3271,21 @@ freePGconn(PGconn *conn) free(conn->events[i].name); } + /* clean up pg_conn_host structures */ + if (conn->connhost != NULL) + { + for (i = 0; i < conn->nconnhost; ++i) + { + if (conn->connhost[i].host != NULL) + free(conn->connhost[i].host); + if (conn->connhost[i].port != NULL) + free(conn->connhost[i].port); + if (conn->connhost[i].password != NULL) + free(conn->connhost[i].password); + } + free(conn->connhost); + } + if (conn->client_encoding_initial) free(conn->client_encoding_initial); if (conn->events) @@ -2868,8 +3296,6 @@ freePGconn(PGconn *conn) free(conn->pghostaddr); if (conn->pgport) free(conn->pgport); - if (conn->pgunixsocket) - free(conn->pgunixsocket); if (conn->pgtty) free(conn->pgtty); if (conn->connect_timeout) @@ -2888,6 +3314,8 @@ freePGconn(PGconn *conn) free(conn->pguser); if (conn->pgpass) free(conn->pgpass); + if (conn->pgpassfile) + free(conn->pgpassfile); if (conn->keepalives) free(conn->keepalives); if (conn->keepalives_idle) @@ -2927,6 +3355,8 @@ freePGconn(PGconn *conn) free(conn->outBuffer); if (conn->rowBuf) free(conn->rowBuf); + if (conn->target_session_attrs) + free(conn->target_session_attrs); termPQExpBuffer(&conn->errorMessage); termPQExpBuffer(&conn->workBuffer); @@ -2938,19 +3368,41 @@ freePGconn(PGconn *conn) } /* - * closePGconn - * - properly close a connection to the backend - * - * This should reset or release all transient state, but NOT the connection - * parameters. On exit, the PGconn should be in condition to start a fresh - * connection with the same parameters (see PQreset()). + * release_all_addrinfo + * - free addrinfo of all hostconn elements. */ + static void -closePGconn(PGconn *conn) +release_all_addrinfo(PGconn *conn) { - PGnotify *notify; - pgParameterStatus *pstatus; + if (conn->connhost != NULL) + { + int i; + + for (i = 0; i < conn->nconnhost; ++i) + { + int family = AF_UNSPEC; + +#ifdef HAVE_UNIX_SOCKETS + if (conn->connhost[i].type == CHT_UNIX_SOCKET) + family = AF_UNIX; +#endif + + pg_freeaddrinfo_all(family, + conn->connhost[i].addrlist); + conn->connhost[i].addrlist = NULL; + } + } + conn->addr_cur = NULL; +} +/* + * sendTerminateConn + * - Send a terminate message to backend. + */ +static void +sendTerminateConn(PGconn *conn) +{ /* * Note that the protocol doesn't allow us to send Terminate messages * during the startup phase. @@ -2965,6 +3417,23 @@ closePGconn(PGconn *conn) pqPutMsgEnd(conn); (void) pqFlush(conn); } +} + +/* + * closePGconn + * - properly close a connection to the backend + * + * This should reset or release all transient state, but NOT the connection + * parameters. On exit, the PGconn should be in condition to start a fresh + * connection with the same parameters (see PQreset()). + */ +static void +closePGconn(PGconn *conn) +{ + PGnotify *notify; + pgParameterStatus *pstatus; + + sendTerminateConn(conn); /* * Must reset the blocking status so a possible reconnect will work. @@ -2983,9 +3452,8 @@ closePGconn(PGconn *conn) conn->asyncStatus = PGASYNC_IDLE; pqClearAsyncResult(conn); /* deallocate result */ resetPQExpBuffer(&conn->errorMessage); - pg_freeaddrinfo_all(conn->addrlist_family, conn->addrlist); - conn->addrlist = NULL; - conn->addr_cur = NULL; + release_all_addrinfo(conn); + notify = conn->notifyHead; while (notify != NULL) { @@ -3015,17 +3483,9 @@ closePGconn(PGconn *conn) gss_delete_sec_context(&min_s, &conn->gctx, GSS_C_NO_BUFFER); if (conn->gtarg_nam) gss_release_name(&min_s, &conn->gtarg_nam); - if (conn->ginbuf.length) - gss_release_buffer(&min_s, &conn->ginbuf); - if (conn->goutbuf.length) - gss_release_buffer(&min_s, &conn->goutbuf); } #endif #ifdef ENABLE_SSPI - if (conn->ginbuf.length) - free(conn->ginbuf.value); - conn->ginbuf.length = 0; - conn->ginbuf.value = NULL; if (conn->sspitarget) free(conn->sspitarget); conn->sspitarget = NULL; @@ -3042,6 +3502,15 @@ closePGconn(PGconn *conn) conn->sspictx = NULL; } #endif + if (conn->sasl_state) + { + /* + * XXX: if support for more authentication mechanisms is added, this + * needs to call the right 'free' function. + */ + pg_fe_scram_free(conn->sasl_state); + conn->sasl_state = NULL; + } } /* @@ -4636,6 +5105,30 @@ conninfo_add_defaults(PQconninfoOption *options, PQExpBuffer errorMessage) } /* + * Interpret the deprecated PGREQUIRESSL environment variable. Per + * tradition, translate values starting with "1" to sslmode=require, + * and ignore other values. Given both PGREQUIRESSL=1 and PGSSLMODE, + * PGSSLMODE takes precedence; the opposite was true before v9.3. + */ + if (strcmp(option->keyword, "sslmode") == 0) + { + const char *requiresslenv = getenv("PGREQUIRESSL"); + + if (requiresslenv != NULL && requiresslenv[0] == '1') + { + option->val = strdup("require"); + if (!option->val) + { + if (errorMessage) + printfPQExpBuffer(errorMessage, + libpq_gettext("out of memory\n")); + return false; + } + continue; + } + } + + /* * No environment variable specified or the variable isn't set - try * compiled-in default */ @@ -4720,7 +5213,10 @@ conninfo_uri_parse(const char *uri, PQExpBuffer errorMessage, * postgresql://[user[:password]@][netloc][:port][/dbname][?param1=value1&...] * * where "netloc" is a hostname, an IPv4 address, or an IPv6 address surrounded - * by literal square brackets. + * by literal square brackets. As an extension, we also allow multiple + * netloc[:port] specifications, separated by commas: + * + * postgresql://[user[:password]@][netloc][:port][,...][/dbname][?param1=value1&...] * * Any of the URI parts might use percent-encoding (%xy). */ @@ -4730,12 +5226,23 @@ conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, { int prefix_len; char *p; - char *buf; + char *buf = NULL; char *start; char prevchar = '\0'; char *user = NULL; char *host = NULL; bool retval = false; + PQExpBufferData hostbuf; + PQExpBufferData portbuf; + + initPQExpBuffer(&hostbuf); + initPQExpBuffer(&portbuf); + if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf)) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("out of memory\n")); + goto cleanup; + } /* need a modifiable copy of the input URI */ buf = strdup(uri); @@ -4743,7 +5250,7 @@ conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, { printfPQExpBuffer(errorMessage, libpq_gettext("out of memory\n")); - return false; + goto cleanup; } start = buf; @@ -4810,85 +5317,104 @@ conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, } /* - * "p" has been incremented past optional URI credential information at - * this point and now points at the "netloc" part of the URI. - * - * Look for IPv6 address. + * There may be multiple netloc[:port] pairs, each separated from the next + * by a comma. When we initially enter this loop, "p" has been + * incremented past optional URI credential information at this point and + * now points at the "netloc" part of the URI. On subsequent loop + * iterations, "p" has been incremented past the comma separator and now + * points at the start of the next "netloc". */ - if (*p == '[') + for (;;) { - host = ++p; - while (*p && *p != ']') - ++p; - if (!*p) - { - printfPQExpBuffer(errorMessage, - libpq_gettext("end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n"), - uri); - goto cleanup; - } - if (p == host) - { - printfPQExpBuffer(errorMessage, - libpq_gettext("IPv6 host address may not be empty in URI: \"%s\"\n"), - uri); - goto cleanup; - } - - /* Cut off the bracket and advance */ - *(p++) = '\0'; - /* - * The address may be followed by a port specifier or a slash or a - * query. + * Look for IPv6 address. */ - if (*p && *p != ':' && *p != '/' && *p != '?') + if (*p == '[') { - printfPQExpBuffer(errorMessage, - libpq_gettext("unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n"), - *p, (int) (p - buf + 1), uri); - goto cleanup; + host = ++p; + while (*p && *p != ']') + ++p; + if (!*p) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n"), + uri); + goto cleanup; + } + if (p == host) + { + printfPQExpBuffer(errorMessage, + libpq_gettext("IPv6 host address may not be empty in URI: \"%s\"\n"), + uri); + goto cleanup; + } + + /* Cut off the bracket and advance */ + *(p++) = '\0'; + + /* + * The address may be followed by a port specifier or a slash or a + * query or a separator comma. + */ + if (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',') + { + printfPQExpBuffer(errorMessage, + libpq_gettext("unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n"), + *p, (int) (p - buf + 1), uri); + goto cleanup; + } } - } - else - { - /* not an IPv6 address: DNS-named or IPv4 netloc */ - host = p; + else + { + /* not an IPv6 address: DNS-named or IPv4 netloc */ + host = p; - /* - * Look for port specifier (colon) or end of host specifier (slash), - * or query (question mark). - */ - while (*p && *p != ':' && *p != '/' && *p != '?') - ++p; - } + /* + * Look for port specifier (colon) or end of host specifier + * (slash) or query (question mark) or host separator (comma). + */ + while (*p && *p != ':' && *p != '/' && *p != '?' && *p != ',') + ++p; + } - /* Save the hostname terminator before we null it */ - prevchar = *p; - *p = '\0'; + /* Save the hostname terminator before we null it */ + prevchar = *p; + *p = '\0'; - if (*host && - !conninfo_storeval(options, "host", host, - errorMessage, false, true)) - goto cleanup; + appendPQExpBufferStr(&hostbuf, host); + if (prevchar == ':') + { + const char *port = ++p; /* advance past host terminator */ - if (prevchar == ':') - { - const char *port = ++p; /* advance past host terminator */ + while (*p && *p != '/' && *p != '?' && *p != ',') + ++p; - while (*p && *p != '/' && *p != '?') - ++p; + prevchar = *p; + *p = '\0'; - prevchar = *p; - *p = '\0'; + appendPQExpBufferStr(&portbuf, port); + } - if (*port && - !conninfo_storeval(options, "port", port, - errorMessage, false, true)) - goto cleanup; + if (prevchar != ',') + break; + ++p; /* advance past comma separator */ + appendPQExpBufferStr(&hostbuf, ","); + appendPQExpBufferStr(&portbuf, ","); } + /* Save final values for host and port. */ + if (PQExpBufferDataBroken(hostbuf) || PQExpBufferDataBroken(portbuf)) + goto cleanup; + if (hostbuf.data[0] && + !conninfo_storeval(options, "host", hostbuf.data, + errorMessage, false, true)) + goto cleanup; + if (portbuf.data[0] && + !conninfo_storeval(options, "port", portbuf.data, + errorMessage, false, true)) + goto cleanup; + if (prevchar && prevchar != '?') { const char *dbname = ++p; /* advance past host terminator */ @@ -4923,7 +5449,10 @@ conninfo_uri_parse_options(PQconninfoOption *options, const char *uri, retval = true; cleanup: - free(buf); + termPQExpBuffer(&hostbuf); + termPQExpBuffer(&portbuf); + if (buf) + free(buf); return retval; } @@ -5342,9 +5871,18 @@ PQuser(const PGconn *conn) char * PQpass(const PGconn *conn) { + char *password = NULL; + if (!conn) return NULL; - return conn->pgpass; + if (conn->connhost != NULL) + password = conn->connhost[conn->whichhost].password; + if (password == NULL) + password = conn->pgpass; + /* Historically we've returned "" not NULL for no password specified */ + if (password == NULL) + password = ""; + return password; } char * @@ -5352,15 +5890,15 @@ PQhost(const PGconn *conn) { if (!conn) return NULL; - if (conn->pghost != NULL && conn->pghost[0] != '\0') + if (conn->connhost != NULL && + conn->connhost[conn->whichhost].type != CHT_HOST_ADDRESS) + return conn->connhost[conn->whichhost].host; + else if (conn->pghost != NULL && conn->pghost[0] != '\0') return conn->pghost; else { #ifdef HAVE_UNIX_SOCKETS - if (conn->pgunixsocket != NULL && conn->pgunixsocket[0] != '\0') - return conn->pgunixsocket; - else - return DEFAULT_PGSOCKET_DIR; + return DEFAULT_PGSOCKET_DIR; #else return DefaultHost; #endif @@ -5372,6 +5910,8 @@ PQport(const PGconn *conn) { if (!conn) return NULL; + if (conn->connhost != NULL) + return conn->connhost[conn->whichhost].port; return conn->pgport; } @@ -5481,10 +6021,13 @@ PQbackendPID(const PGconn *conn) int PQconnectionNeedsPassword(const PGconn *conn) { + char *password; + if (!conn) return false; + password = PQpass(conn); if (conn->password_needed && - (conn->pgpass == NULL || conn->pgpass[0] == '\0')) + (password == NULL || password[0] == '\0')) return true; else return false; @@ -5705,10 +6248,10 @@ pwdfMatchesString(char *buf, char *token) /* Get a password from the password file. Return value is malloc'd. */ static char * -PasswordFromFile(char *hostname, char *port, char *dbname, char *username) +passwordFromFile(char *hostname, char *port, char *dbname, + char *username, char *pgpassfile) { FILE *fp; - char pgpassfile[MAXPGPATH]; struct stat stat_buf; #define LINELEN NAMEDATALEN*5 @@ -5735,9 +6278,6 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username) if (port == NULL) port = DEF_PGPORT_STR; - if (!getPgPassFilename(pgpassfile)) - return NULL; - /* If password file cannot be opened, ignore it. */ if (stat(pgpassfile, &stat_buf) != 0) return NULL; @@ -5783,18 +6323,26 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username) break; len = strlen(buf); - if (len == 0) - continue; /* Remove trailing newline */ - if (buf[len - 1] == '\n') - buf[len - 1] = 0; + if (len > 0 && buf[len - 1] == '\n') + { + buf[--len] = '\0'; + /* Handle DOS-style line endings, too, even when not on Windows */ + if (len > 0 && buf[len - 1] == '\r') + buf[--len] = '\0'; + } + + if (len == 0) + continue; if ((t = pwdfMatchesString(t, hostname)) == NULL || (t = pwdfMatchesString(t, port)) == NULL || (t = pwdfMatchesString(t, dbname)) == NULL || (t = pwdfMatchesString(t, username)) == NULL) continue; + + /* Found a match. */ ret = strdup(t); fclose(fp); @@ -5823,46 +6371,24 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username) } -static bool -getPgPassFilename(char *pgpassfile) -{ - char *passfile_env; - - if ((passfile_env = getenv("PGPASSFILE")) != NULL) - /* use the literal path from the environment, if set */ - strlcpy(pgpassfile, passfile_env, MAXPGPATH); - else - { - char homedir[MAXPGPATH]; - - if (!pqGetHomeDirectory(homedir, sizeof(homedir))) - return false; - snprintf(pgpassfile, MAXPGPATH, "%s/%s", homedir, PGPASSFILE); - } - return true; -} - /* - * If the connection failed, we should mention if - * we got the password from .pgpass in case that - * password is wrong. + * If the connection failed due to bad password, we should mention + * if we got the password from the pgpassfile. */ static void -dot_pg_pass_warning(PGconn *conn) +pgpassfileWarning(PGconn *conn) { - /* If it was 'invalid authorization', add .pgpass mention */ + /* If it was 'invalid authorization', add pgpassfile mention */ /* only works with >= 9.0 servers */ - if (conn->dot_pgpass_used && conn->password_needed && conn->result && - strcmp(PQresultErrorField(conn->result, PG_DIAG_SQLSTATE), - ERRCODE_INVALID_PASSWORD) == 0) + if (conn->pgpassfile_used && conn->password_needed && conn->result) { - char pgpassfile[MAXPGPATH]; + const char *sqlstate = PQresultErrorField(conn->result, + PG_DIAG_SQLSTATE); - if (!getPgPassFilename(pgpassfile)) - return; - appendPQExpBuffer(&conn->errorMessage, + if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0) + appendPQExpBuffer(&conn->errorMessage, libpq_gettext("password retrieved from file \"%s\"\n"), - pgpassfile); + conn->pgpassfile); } } diff --git a/src/interfaces/libpq/fe-exec.c b/src/interfaces/libpq/fe-exec.c index d1b91c841c..9decd5339e 100644 --- a/src/interfaces/libpq/fe-exec.c +++ b/src/interfaces/libpq/fe-exec.c @@ -3,7 +3,7 @@ * fe-exec.c * functions related to sending a query down to the backend * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * @@ -824,6 +824,7 @@ pqInternalNotice(const PGNoticeHooks *hooks, const char *fmt,...) */ pqSaveMessageField(res, PG_DIAG_MESSAGE_PRIMARY, msgBuf); pqSaveMessageField(res, PG_DIAG_SEVERITY, libpq_gettext("NOTICE")); + pqSaveMessageField(res, PG_DIAG_SEVERITY_NONLOCALIZED, "NOTICE"); /* XXX should provide a SQLSTATE too? */ /* @@ -1385,8 +1386,7 @@ PQsendQueryStart(PGconn *conn) } /* initialize async result-accumulation state */ - conn->result = NULL; - conn->next_result = NULL; + pqClearAsyncResult(conn); /* reset single-row processing mode */ conn->singleRowMode = false; @@ -2334,7 +2334,7 @@ PQputCopyEnd(PGconn *conn, const char *errormsg) { if (errormsg) { - /* Ooops, no way to do this in 2.0 */ + /* Oops, no way to do this in 2.0 */ printfPQExpBuffer(&conn->errorMessage, libpq_gettext("function requires at least protocol version 3.0\n")); return -1; diff --git a/src/interfaces/libpq/fe-lobj.c b/src/interfaces/libpq/fe-lobj.c index 3b08768d98..71c9ff650e 100644 --- a/src/interfaces/libpq/fe-lobj.c +++ b/src/interfaces/libpq/fe-lobj.c @@ -3,7 +3,7 @@ * fe-lobj.c * Front-end large object interface * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c index 32da8ca461..1d6ea93a0a 100644 --- a/src/interfaces/libpq/fe-misc.c +++ b/src/interfaces/libpq/fe-misc.c @@ -19,7 +19,7 @@ * routines. * * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION @@ -46,9 +46,6 @@ #ifdef HAVE_POLL_H #include <poll.h> #endif -#ifdef HAVE_SYS_POLL_H -#include <sys/poll.h> -#endif #ifdef HAVE_SYS_SELECT_H #include <sys/select.h> #endif @@ -994,11 +991,9 @@ pqWait(int forRead, int forWrite, PGconn *conn) /* * pqWaitTimed: wait, but not past finish_time. * - * If finish_time is exceeded then we return failure (EOF). This is like - * the response for a kernel exception because we don't want the caller - * to try to read/write in that case. - * * finish_time = ((time_t) -1) disables the wait limit. + * + * Returns -1 on failure, 0 if the socket is readable/writable, 1 if it timed out. */ int pqWaitTimed(int forRead, int forWrite, PGconn *conn, time_t finish_time) @@ -1008,13 +1003,13 @@ pqWaitTimed(int forRead, int forWrite, PGconn *conn, time_t finish_time) result = pqSocketCheck(conn, forRead, forWrite, finish_time); if (result < 0) - return EOF; /* errorMessage is already set */ + return -1; /* errorMessage is already set */ if (result == 0) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("timeout expired\n")); - return EOF; + return 1; } return 0; diff --git a/src/interfaces/libpq/fe-print.c b/src/interfaces/libpq/fe-print.c index c33dc42a83..fa974540f5 100644 --- a/src/interfaces/libpq/fe-print.c +++ b/src/interfaces/libpq/fe-print.c @@ -3,7 +3,7 @@ * fe-print.c * functions for pretty-printing query results * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * These functions were formerly part of fe-exec.c, but they @@ -166,8 +166,9 @@ PQprint(FILE *fout, const PGresult *res, const PQprintOpt *po) screen_size.ws_col = 80; #endif pagerenv = getenv("PAGER"); + /* if PAGER is unset, empty or all-white-space, don't use pager */ if (pagerenv != NULL && - pagerenv[0] != '\0' && + strspn(pagerenv, " \t\r\n") != strlen(pagerenv) && !po->html3 && ((po->expanded && nTups * (nFields + 1) >= screen_size.ws_row) || diff --git a/src/interfaces/libpq/fe-protocol2.c b/src/interfaces/libpq/fe-protocol2.c index f1b90f32d4..3b0500fa52 100644 --- a/src/interfaces/libpq/fe-protocol2.c +++ b/src/interfaces/libpq/fe-protocol2.c @@ -3,7 +3,7 @@ * fe-protocol2.c * functions that are specific to frontend/backend protocol version 2 * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * diff --git a/src/interfaces/libpq/fe-protocol3.c b/src/interfaces/libpq/fe-protocol3.c index a8a987aa92..53776e27b5 100644 --- a/src/interfaces/libpq/fe-protocol3.c +++ b/src/interfaces/libpq/fe-protocol3.c @@ -3,7 +3,7 @@ * fe-protocol3.c * functions that are specific to frontend/backend protocol version 3 * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index f6ce1c7a13..a7c3d7af64 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -4,7 +4,7 @@ * OpenSSL support * * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * @@ -54,9 +54,7 @@ #endif #include <openssl/ssl.h> -#if (SSLEAY_VERSION_NUMBER >= 0x00907000L) #include <openssl/conf.h> -#endif #ifdef USE_SSL_ENGINE #include <openssl/engine.h> #endif @@ -82,12 +80,7 @@ static int my_SSL_set_fd(PGconn *conn, int fd); static bool pq_init_ssl_lib = true; static bool pq_init_crypto_lib = true; -/* - * SSL_context is currently shared between threads and therefore we need to be - * careful to lock around any usage of it when providing thread safety. - * ssl_config_mutex is the mutex that we use to protect it. - */ -static SSL_CTX *SSL_context = NULL; +static bool ssl_lib_initialized = false; #ifdef ENABLE_THREAD_SAFETY static long ssl_open_connections = 0; @@ -135,44 +128,9 @@ pgtls_open_client(PGconn *conn) /* First time through? */ if (conn->ssl == NULL) { -#ifdef ENABLE_THREAD_SAFETY - int rc; -#endif - -#ifdef ENABLE_THREAD_SAFETY - if ((rc = pthread_mutex_lock(&ssl_config_mutex))) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not acquire mutex: %s\n"), strerror(rc)); - return PGRES_POLLING_FAILED; - } -#endif - /* Create a connection-specific SSL object */ - if (!(conn->ssl = SSL_new(SSL_context)) || - !SSL_set_app_data(conn->ssl, conn) || - !my_SSL_set_fd(conn, conn->sock)) - { - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not establish SSL connection: %s\n"), - err); - SSLerrfree(err); -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - pgtls_close(conn); - - return PGRES_POLLING_FAILED; - } - conn->ssl_in_use = true; - -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - /* - * Load client certificate, private key, and trusted CA certs. + * Create a connection-specific SSL object, and load client + * certificate, private key, and trusted CA certs. */ if (initialize_SSL(conn) != 0) { @@ -508,7 +466,6 @@ wildcard_certificate_match(const char *pattern, const char *string) return 1; } - /* * Check if a name from a server's certificate matches the peer's hostname. * @@ -524,8 +481,9 @@ verify_peer_name_matches_certificate_name(PGconn *conn, ASN1_STRING *name_entry, { int len; char *name; - unsigned char *namedata; + const unsigned char *namedata; int result; + char *host = PQhost(conn); *store_name = NULL; @@ -543,7 +501,11 @@ verify_peer_name_matches_certificate_name(PGconn *conn, ASN1_STRING *name_entry, * There is no guarantee the string returned from the certificate is * NULL-terminated, so make a copy that is. */ +#ifdef HAVE_ASN1_STRING_GET0_DATA + namedata = ASN1_STRING_get0_data(name_entry); +#else namedata = ASN1_STRING_data(name_entry); +#endif len = ASN1_STRING_length(name_entry); name = malloc(len + 1); if (name == NULL) @@ -567,12 +529,12 @@ verify_peer_name_matches_certificate_name(PGconn *conn, ASN1_STRING *name_entry, return -1; } - if (pg_strcasecmp(name, conn->pghost) == 0) + if (pg_strcasecmp(name, host) == 0) { /* Exact name match */ result = 1; } - else if (wildcard_certificate_match(name, conn->pghost)) + else if (wildcard_certificate_match(name, host)) { /* Matched wildcard name */ result = 1; @@ -602,6 +564,7 @@ verify_peer_name_matches_certificate(PGconn *conn) STACK_OF(GENERAL_NAME) *peer_san; int i; int rc; + char *host = PQhost(conn); /* * If told not to verify the peer name, don't do it. Return true @@ -611,7 +574,7 @@ verify_peer_name_matches_certificate(PGconn *conn) return true; /* Check that we have a hostname to compare with. */ - if (!(conn->pghost && conn->pghost[0] != '\0')) + if (!(host && host[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified for a verified SSL connection\n")); @@ -709,13 +672,13 @@ verify_peer_name_matches_certificate(PGconn *conn) libpq_ngettext("server certificate for \"%s\" (and %d other name) does not match host name \"%s\"\n", "server certificate for \"%s\" (and %d other names) does not match host name \"%s\"\n", names_examined - 1), - first_name, names_examined - 1, conn->pghost); + first_name, names_examined - 1, host); } else if (names_examined == 1) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("server certificate for \"%s\" does not match host name \"%s\"\n"), - first_name, conn->pghost); + first_name, host); } else { @@ -731,9 +694,13 @@ verify_peer_name_matches_certificate(PGconn *conn) return found_match && !got_error; } -#ifdef ENABLE_THREAD_SAFETY +#if defined(ENABLE_THREAD_SAFETY) && defined(HAVE_CRYPTO_LOCK) /* - * Callback functions for OpenSSL internal locking + * Callback functions for OpenSSL internal locking. (OpenSSL 1.1.0 + * does its own locking, and doesn't need these anymore. The + * CRYPTO_lock() function was removed in 1.1.0, when the callbacks + * were made obsolete, so we assume that if CRYPTO_lock() exists, + * the callbacks are still required.) */ static unsigned long @@ -763,11 +730,10 @@ pq_lockingcallback(int mode, int n, const char *file, int line) PGTHREAD_ERROR("failed to unlock mutex"); } } -#endif /* ENABLE_THREAD_SAFETY */ +#endif /* ENABLE_THREAD_SAFETY && HAVE_CRYPTO_LOCK */ /* - * Initialize SSL system, in particular creating the SSL_context object - * that will be shared by all SSL-using connections in this process. + * Initialize SSL library. * * In threadsafe mode, this includes setting up libcrypto callback functions * to do thread locking. @@ -802,6 +768,7 @@ pgtls_init(PGconn *conn) if (pthread_mutex_lock(&ssl_config_mutex)) return -1; +#ifdef HAVE_CRYPTO_LOCK if (pq_init_crypto_lib) { /* @@ -842,48 +809,22 @@ pgtls_init(PGconn *conn) CRYPTO_set_locking_callback(pq_lockingcallback); } } +#endif /* HAVE_CRYPTO_LOCK */ #endif /* ENABLE_THREAD_SAFETY */ - if (!SSL_context) + if (!ssl_lib_initialized) { if (pq_init_ssl_lib) { -#if SSLEAY_VERSION_NUMBER >= 0x00907000L +#ifdef HAVE_OPENSSL_INIT_SSL + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL); +#else OPENSSL_config(NULL); -#endif SSL_library_init(); SSL_load_error_strings(); - } - - /* - * We use SSLv23_method() because it can negotiate use of the highest - * mutually supported protocol version, while alternatives like - * TLSv1_2_method() permit only one specific version. Note that we - * don't actually allow SSL v2 or v3, only TLS protocols (see below). - */ - SSL_context = SSL_CTX_new(SSLv23_method()); - if (!SSL_context) - { - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not create SSL context: %s\n"), - err); - SSLerrfree(err); -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); #endif - return -1; } - - /* Disable old protocol versions */ - SSL_CTX_set_options(SSL_context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); - - /* - * Disable OpenSSL's moving-write-buffer sanity check, because it - * causes unnecessary failures in nonblocking send cases. - */ - SSL_CTX_set_mode(SSL_context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + ssl_lib_initialized = true; } #ifdef ENABLE_THREAD_SAFETY @@ -901,12 +842,13 @@ pgtls_init(PGconn *conn) * if we had any.) * * Callbacks are only set when we're compiled in threadsafe mode, so - * we only need to remove them in this case. + * we only need to remove them in this case. They are also not needed + * with OpenSSL 1.1.0 anymore. */ static void destroy_ssl_system(void) { -#ifdef ENABLE_THREAD_SAFETY +#if defined(ENABLE_THREAD_SAFETY) && defined(HAVE_CRYPTO_LOCK) /* Mutex is created in initialize_ssl_system() */ if (pthread_mutex_lock(&ssl_config_mutex)) return; @@ -926,9 +868,8 @@ destroy_ssl_system(void) CRYPTO_set_id_callback(NULL); /* - * We don't free the lock array or the SSL_context. If we get another - * connection in this process, we will just re-use them with the - * existing mutexes. + * We don't free the lock array. If we get another connection in this + * process, we will just re-use them with the existing mutexes. * * This means we leak a little memory on repeated load/unload of the * library. @@ -940,26 +881,22 @@ destroy_ssl_system(void) } /* - * Initialize (potentially) per-connection SSL data, namely the - * client certificate, private key, and trusted CA certs. - * - * conn->ssl must already be created. It receives the connection's client - * certificate and private key. Note however that certificates also get - * loaded into the SSL_context object, and are therefore accessible to all - * connections in this process. This should be OK as long as there aren't - * any hash collisions among the certs. + * Create per-connection SSL object, and load the client certificate, + * private key, and trusted CA certs. * * Returns 0 if OK, -1 on failure (with a message in conn->errorMessage). */ static int initialize_SSL(PGconn *conn) { + SSL_CTX *SSL_context; struct stat buf; char homedir[MAXPGPATH]; char fnbuf[MAXPGPATH]; char sebuf[256]; bool have_homedir; bool have_cert; + bool have_rootcert; EVP_PKEY *pkey = NULL; /* @@ -975,6 +912,124 @@ initialize_SSL(PGconn *conn) else /* won't need it */ have_homedir = false; + /* + * Create a new SSL_CTX object. + * + * We used to share a single SSL_CTX between all connections, but it was + * complicated if connections used different certificates. So now we + * create a separate context for each connection, and accept the overhead. + */ + SSL_context = SSL_CTX_new(SSLv23_method()); + if (!SSL_context) + { + char *err = SSLerrmessage(ERR_get_error()); + + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not create SSL context: %s\n"), + err); + SSLerrfree(err); + return -1; + } + + /* Disable old protocol versions */ + SSL_CTX_set_options(SSL_context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); + + /* + * Disable OpenSSL's moving-write-buffer sanity check, because it causes + * unnecessary failures in nonblocking send cases. + */ + SSL_CTX_set_mode(SSL_context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + + /* + * If the root cert file exists, load it so we can perform certificate + * verification. If sslmode is "verify-full" we will also do further + * verification after the connection has been completed. + */ + if (conn->sslrootcert && strlen(conn->sslrootcert) > 0) + strlcpy(fnbuf, conn->sslrootcert, sizeof(fnbuf)); + else if (have_homedir) + snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, ROOT_CERT_FILE); + else + fnbuf[0] = '\0'; + + if (fnbuf[0] != '\0' && + stat(fnbuf, &buf) == 0) + { + X509_STORE *cvstore; + + if (SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL) != 1) + { + char *err = SSLerrmessage(ERR_get_error()); + + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not read root certificate file \"%s\": %s\n"), + fnbuf, err); + SSLerrfree(err); + SSL_CTX_free(SSL_context); + return -1; + } + + if ((cvstore = SSL_CTX_get_cert_store(SSL_context)) != NULL) + { + if (conn->sslcrl && strlen(conn->sslcrl) > 0) + strlcpy(fnbuf, conn->sslcrl, sizeof(fnbuf)); + else if (have_homedir) + snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, ROOT_CRL_FILE); + else + fnbuf[0] = '\0'; + + /* Set the flags to check against the complete CRL chain */ + if (fnbuf[0] != '\0' && + X509_STORE_load_locations(cvstore, fnbuf, NULL) == 1) + { + /* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */ +#ifdef X509_V_FLAG_CRL_CHECK + X509_STORE_set_flags(cvstore, + X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); +#else + char *err = SSLerrmessage(ERR_get_error()); + + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("SSL library does not support CRL certificates (file \"%s\")\n"), + fnbuf); + SSLerrfree(err); + SSL_CTX_free(SSL_context); + return -1; +#endif + } + /* if not found, silently ignore; we do not require CRL */ + ERR_clear_error(); + } + have_rootcert = true; + } + else + { + /* + * stat() failed; assume root file doesn't exist. If sslmode is + * verify-ca or verify-full, this is an error. Otherwise, continue + * without performing any server cert verification. + */ + if (conn->sslmode[0] == 'v') /* "verify-ca" or "verify-full" */ + { + /* + * The only way to reach here with an empty filename is if + * pqGetHomeDirectory failed. That's a sufficiently unusual case + * that it seems worth having a specialized error message for it. + */ + if (fnbuf[0] == '\0') + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not get home directory to locate root certificate file\n" + "Either provide the file or change sslmode to disable server certificate verification.\n")); + else + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("root certificate file \"%s\" does not exist\n" + "Either provide the file or change sslmode to disable server certificate verification.\n"), fnbuf); + SSL_CTX_free(SSL_context); + return -1; + } + have_rootcert = false; + } + /* Read the client certificate file */ if (conn->sslcert && strlen(conn->sslcert) > 0) strlcpy(fnbuf, conn->sslcert, sizeof(fnbuf)); @@ -1000,6 +1055,7 @@ initialize_SSL(PGconn *conn) printfPQExpBuffer(&conn->errorMessage, libpq_gettext("could not open certificate file \"%s\": %s\n"), fnbuf, pqStrerror(errno, sebuf, sizeof(sebuf))); + SSL_CTX_free(SSL_context); return -1; } have_cert = false; @@ -1007,31 +1063,10 @@ initialize_SSL(PGconn *conn) else { /* - * Cert file exists, so load it. Since OpenSSL doesn't provide the - * equivalent of "SSL_use_certificate_chain_file", we actually have to - * load the file twice. The first call loads any extra certs after - * the first one into chain-cert storage associated with the - * SSL_context. The second call loads the first cert (only) into the - * SSL object, where it will be correctly paired with the private key - * we load below. We do it this way so that each connection - * understands which subject cert to present, in case different - * sslcert settings are used for different connections in the same - * process. - * - * NOTE: This function may also modify our SSL_context and therefore - * we have to lock around this call and any places where we use the - * SSL_context struct. + * Cert file exists, so load it. Since OpenSSL doesn't provide the + * equivalent of "SSL_use_certificate_chain_file", we have to load it + * into the SSL context, rather than the SSL object. */ -#ifdef ENABLE_THREAD_SAFETY - int rc; - - if ((rc = pthread_mutex_lock(&ssl_config_mutex))) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not acquire mutex: %s\n"), strerror(rc)); - return -1; - } -#endif if (SSL_CTX_use_certificate_chain_file(SSL_context, fnbuf) != 1) { char *err = SSLerrmessage(ERR_get_error()); @@ -1040,34 +1075,43 @@ initialize_SSL(PGconn *conn) libpq_gettext("could not read certificate file \"%s\": %s\n"), fnbuf, err); SSLerrfree(err); - -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - return -1; - } - - if (SSL_use_certificate_file(conn->ssl, fnbuf, SSL_FILETYPE_PEM) != 1) - { - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not read certificate file \"%s\": %s\n"), - fnbuf, err); - SSLerrfree(err); -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif + SSL_CTX_free(SSL_context); return -1; } /* need to load the associated private key, too */ have_cert = true; + } -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif + /* + * The SSL context is now loaded with the correct root and client + * certificates. Create a connection-specific SSL object. The private key + * is loaded directly into the SSL object. (We could load the private key + * into the context, too, but we have done it this way historically, and + * it doesn't really matter.) + */ + if (!(conn->ssl = SSL_new(SSL_context)) || + !SSL_set_app_data(conn->ssl, conn) || + !my_SSL_set_fd(conn, conn->sock)) + { + char *err = SSLerrmessage(ERR_get_error()); + + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not establish SSL connection: %s\n"), + err); + SSLerrfree(err); + SSL_CTX_free(SSL_context); + return -1; } + conn->ssl_in_use = true; + + /* + * SSL contexts are reference counted by OpenSSL. We can free it as soon + * as we have created the SSL object, and it will stick around for as long + * as it's actually needed. + */ + SSL_CTX_free(SSL_context); + SSL_context = NULL; /* * Read the SSL key. If a key is specified, treat it as an engine:key @@ -1226,109 +1270,11 @@ initialize_SSL(PGconn *conn) } /* - * If the root cert file exists, load it so we can perform certificate - * verification. If sslmode is "verify-full" we will also do further - * verification after the connection has been completed. + * If a root cert was loaded, also set our certificate verification + * callback. */ - if (conn->sslrootcert && strlen(conn->sslrootcert) > 0) - strlcpy(fnbuf, conn->sslrootcert, sizeof(fnbuf)); - else if (have_homedir) - snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, ROOT_CERT_FILE); - else - fnbuf[0] = '\0'; - - if (fnbuf[0] != '\0' && - stat(fnbuf, &buf) == 0) - { - X509_STORE *cvstore; - -#ifdef ENABLE_THREAD_SAFETY - int rc; - - if ((rc = pthread_mutex_lock(&ssl_config_mutex))) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not acquire mutex: %s\n"), strerror(rc)); - return -1; - } -#endif - if (SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL) != 1) - { - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not read root certificate file \"%s\": %s\n"), - fnbuf, err); - SSLerrfree(err); -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - return -1; - } - - if ((cvstore = SSL_CTX_get_cert_store(SSL_context)) != NULL) - { - if (conn->sslcrl && strlen(conn->sslcrl) > 0) - strlcpy(fnbuf, conn->sslcrl, sizeof(fnbuf)); - else if (have_homedir) - snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, ROOT_CRL_FILE); - else - fnbuf[0] = '\0'; - - /* Set the flags to check against the complete CRL chain */ - if (fnbuf[0] != '\0' && - X509_STORE_load_locations(cvstore, fnbuf, NULL) == 1) - { - /* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */ -#ifdef X509_V_FLAG_CRL_CHECK - X509_STORE_set_flags(cvstore, - X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); -#else - char *err = SSLerrmessage(ERR_get_error()); - - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("SSL library does not support CRL certificates (file \"%s\")\n"), - fnbuf); - SSLerrfree(err); -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - return -1; -#endif - } - /* if not found, silently ignore; we do not require CRL */ - } -#ifdef ENABLE_THREAD_SAFETY - pthread_mutex_unlock(&ssl_config_mutex); -#endif - + if (have_rootcert) SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, verify_cb); - } - else - { - /* - * stat() failed; assume root file doesn't exist. If sslmode is - * verify-ca or verify-full, this is an error. Otherwise, continue - * without performing any server cert verification. - */ - if (conn->sslmode[0] == 'v') /* "verify-ca" or "verify-full" */ - { - /* - * The only way to reach here with an empty filename is if - * pqGetHomeDirectory failed. That's a sufficiently unusual case - * that it seems worth having a specialized error message for it. - */ - if (fnbuf[0] == '\0') - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not get home directory to locate root certificate file\n" - "Either provide the file or change sslmode to disable server certificate verification.\n")); - else - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("root certificate file \"%s\" does not exist\n" - "Either provide the file or change sslmode to disable server certificate verification.\n"), fnbuf); - return -1; - } - } /* * If the OpenSSL version used supports it (from 1.0.0 on) and the user @@ -1621,15 +1567,19 @@ PQsslAttribute(PGconn *conn, const char *attribute_name) * to retry; do we need to adopt their logic for that? */ -static bool my_bio_initialized = false; -static BIO_METHOD my_bio_methods; +#ifndef HAVE_BIO_GET_DATA +#define BIO_get_data(bio) (bio->ptr) +#define BIO_set_data(bio, data) (bio->ptr = data) +#endif + +static BIO_METHOD *my_bio_methods; static int my_sock_read(BIO *h, char *buf, int size) { int res; - res = pqsecure_raw_read((PGconn *) h->ptr, buf, size); + res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size); BIO_clear_retry_flags(h); if (res < 0) { @@ -1659,7 +1609,7 @@ my_sock_write(BIO *h, const char *buf, int size) { int res; - res = pqsecure_raw_write((PGconn *) h->ptr, buf, size); + res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size); BIO_clear_retry_flags(h); if (res <= 0) { @@ -1687,14 +1637,46 @@ my_sock_write(BIO *h, const char *buf, int size) static BIO_METHOD * my_BIO_s_socket(void) { - if (!my_bio_initialized) + if (!my_bio_methods) { - memcpy(&my_bio_methods, BIO_s_socket(), sizeof(BIO_METHOD)); - my_bio_methods.bread = my_sock_read; - my_bio_methods.bwrite = my_sock_write; - my_bio_initialized = true; + BIO_METHOD *biom = (BIO_METHOD *) BIO_s_socket(); +#ifdef HAVE_BIO_METH_NEW + int my_bio_index; + + my_bio_index = BIO_get_new_index(); + if (my_bio_index == -1) + return NULL; + my_bio_methods = BIO_meth_new(my_bio_index, "libpq socket"); + if (!my_bio_methods) + return NULL; + + /* + * As of this writing, these functions never fail. But check anyway, + * like OpenSSL's own examples do. + */ + if (!BIO_meth_set_write(my_bio_methods, my_sock_write) || + !BIO_meth_set_read(my_bio_methods, my_sock_read) || + !BIO_meth_set_gets(my_bio_methods, BIO_meth_get_gets(biom)) || + !BIO_meth_set_puts(my_bio_methods, BIO_meth_get_puts(biom)) || + !BIO_meth_set_ctrl(my_bio_methods, BIO_meth_get_ctrl(biom)) || + !BIO_meth_set_create(my_bio_methods, BIO_meth_get_create(biom)) || + !BIO_meth_set_destroy(my_bio_methods, BIO_meth_get_destroy(biom)) || + !BIO_meth_set_callback_ctrl(my_bio_methods, BIO_meth_get_callback_ctrl(biom))) + { + BIO_meth_free(my_bio_methods); + my_bio_methods = NULL; + return NULL; + } +#else + my_bio_methods = malloc(sizeof(BIO_METHOD)); + if (!my_bio_methods) + return NULL; + memcpy(my_bio_methods, biom, sizeof(BIO_METHOD)); + my_bio_methods->bread = my_sock_read; + my_bio_methods->bwrite = my_sock_write; +#endif } - return &my_bio_methods; + return my_bio_methods; } /* This should exactly match openssl's SSL_set_fd except for using my BIO */ @@ -1702,16 +1684,22 @@ static int my_SSL_set_fd(PGconn *conn, int fd) { int ret = 0; - BIO *bio = NULL; + BIO *bio; + BIO_METHOD *bio_method; - bio = BIO_new(my_BIO_s_socket()); + bio_method = my_BIO_s_socket(); + if (bio_method == NULL) + { + SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); + goto err; + } + bio = BIO_new(bio_method); if (bio == NULL) { SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB); goto err; } - /* Use 'ptr' to store pointer to PGconn */ - bio->ptr = conn; + BIO_set_data(bio, conn); SSL_set_bio(conn->ssl, bio, bio); BIO_set_fd(bio, fd, BIO_NOCLOSE); diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 94e47a50ed..8f0d892a34 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -6,7 +6,7 @@ * message integrity and endpoint authentication. * * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * diff --git a/src/interfaces/libpq/libpq-events.c b/src/interfaces/libpq/libpq-events.c index 6db3e943fd..e533017a03 100644 --- a/src/interfaces/libpq/libpq-events.c +++ b/src/interfaces/libpq/libpq-events.c @@ -3,7 +3,7 @@ * libpq-events.c * functions for supporting the libpq "events" API * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * diff --git a/src/interfaces/libpq/libpq-events.h b/src/interfaces/libpq/libpq-events.h index e2bdb280ec..b7cd472dea 100644 --- a/src/interfaces/libpq/libpq-events.h +++ b/src/interfaces/libpq/libpq-events.h @@ -5,7 +5,7 @@ * that invoke the libpq "events" API, but are not interesting to * ordinary users of libpq. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/libpq-events.h diff --git a/src/interfaces/libpq/libpq-fe.h b/src/interfaces/libpq/libpq-fe.h index 9ca0756c4b..e7496c59db 100644 --- a/src/interfaces/libpq/libpq-fe.h +++ b/src/interfaces/libpq/libpq-fe.h @@ -4,7 +4,7 @@ * This file contains definitions for structures and * externs for functions used by frontend postgres applications. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/libpq-fe.h @@ -62,7 +62,11 @@ typedef enum * backend startup. */ CONNECTION_SETENV, /* Negotiating environment. */ CONNECTION_SSL_STARTUP, /* Negotiating SSL. */ - CONNECTION_NEEDED /* Internal state: connect() needed */ + CONNECTION_NEEDED, /* Internal state: connect() needed */ + CONNECTION_CHECK_WRITABLE, /* Check if we could make a writable + * connection. */ + CONNECTION_CONSUME /* Wait for any pending message and consume + * them. */ } ConnStatusType; typedef enum @@ -593,6 +597,7 @@ extern int PQenv2encoding(void); /* === in fe-auth.c === */ extern char *PQencryptPassword(const char *passwd, const char *user); +extern char *PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user, const char *algorithm); /* === in encnames.c === */ diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index 1183323a44..335568b790 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -9,7 +9,7 @@ * more likely to break across PostgreSQL releases than code that uses * only the official API. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/libpq-int.h @@ -21,11 +21,9 @@ #define LIBPQ_INT_H /* We assume libpq-fe.h has already been included. */ -#include "postgres_fe.h" #include "libpq-events.h" #include <time.h> -#include <sys/types.h> #ifndef WIN32 #include <sys/time.h> #endif @@ -55,7 +53,7 @@ #ifdef ENABLE_SSPI #define SECURITY_WIN32 -#if defined(WIN32) && !defined(WIN32_ONLY_COMPILER) +#if defined(WIN32) && !defined(_MSC_VER) #include <ntsecapi.h> #endif #include <security.h> @@ -77,7 +75,7 @@ typedef struct #include <openssl/ssl.h> #include <openssl/err.h> -#if (SSLEAY_VERSION_NUMBER >= 0x00907000L) && !defined(OPENSSL_NO_ENGINE) +#ifndef OPENSSL_NO_ENGINE #define USE_SSL_ENGINE #endif #endif /* USE_OPENSSL */ @@ -292,6 +290,30 @@ typedef struct pgDataValue const char *value; /* data value, without zero-termination */ } PGdataValue; +typedef enum pg_conn_host_type +{ + CHT_HOST_NAME, + CHT_HOST_ADDRESS, + CHT_UNIX_SOCKET +} pg_conn_host_type; + +/* + * pg_conn_host stores all information about one of possibly several hosts + * mentioned in the connection string. Derived by splitting the pghost + * on the comma character and then parsing each segment. + */ +typedef struct pg_conn_host +{ + char *host; /* host name or address, or socket path */ + pg_conn_host_type type; /* type of host */ + char *port; /* port number for this host; if not NULL, + * overrides the PGConn's pgport */ + char *password; /* password for this host, read from the + * password file. only set if the PGconn's + * pgpass field is NULL. */ + struct addrinfo *addrlist; /* list of possible backend addresses */ +} pg_conn_host; + /* * PGconn stores all the state data associated with a single connection * to a backend. @@ -299,13 +321,15 @@ typedef struct pgDataValue struct pg_conn { /* Saved values of connection options */ - char *pghost; /* the machine on which the server is running */ + char *pghost; /* the machine on which the server is running, + * or a path to a UNIX-domain socket, or a + * comma-separated list of machines and/or + * paths, optionally with port suffixes; if + * NULL, use DEFAULT_PGSOCKET_DIR */ char *pghostaddr; /* the numeric IP address of the machine on * which the server is running. Takes * precedence over above. */ char *pgport; /* the server's communication port number */ - char *pgunixsocket; /* the directory of the server's Unix-domain - * socket; if NULL, use DEFAULT_PGSOCKET_DIR */ char *pgtty; /* tty on which the backend messages is * displayed (OBSOLETE, NOT USED) */ char *connect_timeout; /* connection timeout (numeric string) */ @@ -317,6 +341,7 @@ struct pg_conn char *replication; /* connect as the replication standby? */ char *pguser; /* Postgres username and password, if any */ char *pgpass; + char *pgpassfile; /* path to a file containing password(s) */ char *keepalives; /* use TCP keepalives? */ char *keepalives_idle; /* time between TCP keepalives */ char *keepalives_interval; /* time between TCP keepalive @@ -335,6 +360,9 @@ struct pg_conn char *krbsrvname; /* Kerberos service name */ #endif + /* Type of connection to make. Possible values: any, read-write. */ + char *target_session_attrs; + /* Optional file to write trace info to */ FILE *Pfdebug; @@ -363,8 +391,12 @@ struct pg_conn PGnotify *notifyHead; /* oldest unreported Notify msg */ PGnotify *notifyTail; /* newest unreported Notify msg */ + /* Support for multiple hosts in connection string */ + int nconnhost; /* # of possible hosts */ + int whichhost; /* host we're currently considering */ + pg_conn_host *connhost; /* details about each possible host */ + /* Connection data */ - /* See PQconnectPoll() for how we use 'int' and not 'pgsocket'. */ pgsocket sock; /* FD for socket, PGINVALID_SOCKET if * unconnected */ SockAddr laddr; /* Local address */ @@ -374,14 +406,12 @@ struct pg_conn bool auth_req_received; /* true if any type of auth req * received */ bool password_needed; /* true if server demanded a password */ - bool dot_pgpass_used; /* true if used .pgpass */ + bool pgpassfile_used; /* true if password is from pgpassfile */ bool sigpipe_so; /* have we masked SIGPIPE via SO_NOSIGPIPE? */ bool sigpipe_flag; /* can we mask SIGPIPE via MSG_NOSIGNAL? */ /* Transient state needed while establishing connection */ - struct addrinfo *addrlist; /* list of possible backend addresses */ - struct addrinfo *addr_cur; /* the one currently being tried */ - int addrlist_family; /* needed to know how to free addrlist */ + struct addrinfo *addr_cur; /* backend address currently being tried */ PGSetenvStatusType setenv_state; /* for 2.0 protocol only */ const PQEnvironmentOption *next_eo; bool send_appname; /* okay to send application_name? */ @@ -389,7 +419,6 @@ struct pg_conn /* Miscellaneous stuff */ int be_pid; /* PID of backend --- needed for cancels */ int be_key; /* key of backend --- needed for cancels */ - char md5Salt[4]; /* password salt received from backend */ pgParameterStatus *pstatus; /* ParameterStatus data */ int client_encoding; /* encoding id */ bool std_strings; /* standard_conforming_strings */ @@ -422,7 +451,8 @@ struct pg_conn PGresult *result; /* result being constructed */ PGresult *next_result; /* next result (used in single-row mode) */ - /* Assorted state for SSL, GSS, etc */ + /* Assorted state for SASL, SSL, GSS, etc */ + void *sasl_state; #ifdef USE_SSL bool allow_ssl_try; /* Allowed to try SSL negotiation */ @@ -444,15 +474,11 @@ struct pg_conn #ifdef ENABLE_GSS gss_ctx_id_t gctx; /* GSS context */ gss_name_t gtarg_nam; /* GSS target name */ - gss_buffer_desc ginbuf; /* GSS input token */ - gss_buffer_desc goutbuf; /* GSS output token */ #endif #ifdef ENABLE_SSPI -#ifndef ENABLE_GSS - gss_buffer_desc ginbuf; /* GSS input token */ -#else - char *gsslib; /* What GSS librart to use ("gssapi" or +#ifdef ENABLE_GSS + char *gsslib; /* What GSS library to use ("gssapi" or * "sspi") */ #endif CredHandle *sspicred; /* SSPI credentials handle */ @@ -634,7 +660,7 @@ extern void pq_reset_sigpipe(sigset_t *osigset, bool sigpipe_pending, #endif /* - * The SSL implementatation provides these functions (fe-secure-openssl.c) + * The SSL implementation provides these functions (fe-secure-openssl.c) */ extern void pgtls_init_library(bool do_ssl, int do_crypto); extern int pgtls_init(PGconn *conn); diff --git a/src/interfaces/libpq/libpq.rc.in b/src/interfaces/libpq/libpq.rc.in index e41a1a27f4..761acd4608 100644 --- a/src/interfaces/libpq/libpq.rc.in +++ b/src/interfaces/libpq/libpq.rc.in @@ -1,8 +1,8 @@ #include <winver.h> VS_VERSION_INFO VERSIONINFO - FILEVERSION 9,6,0,0 - PRODUCTVERSION 9,6,0,0 + FILEVERSION 10,0,0,0 + PRODUCTVERSION 10,0,0,0 FILEFLAGSMASK 0x3fL FILEFLAGS 0 FILEOS VOS__WINDOWS32 @@ -15,13 +15,13 @@ BEGIN BEGIN VALUE "CompanyName", "\0" VALUE "FileDescription", "PostgreSQL Access Library\0" - VALUE "FileVersion", "9.6.0\0" + VALUE "FileVersion", "10.0\0" VALUE "InternalName", "libpq\0" - VALUE "LegalCopyright", "Copyright (C) 2016\0" + VALUE "LegalCopyright", "Copyright (C) 2017\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libpq.dll\0" VALUE "ProductName", "PostgreSQL\0" - VALUE "ProductVersion", "9.6.0\0" + VALUE "ProductVersion", "10.0\0" END END BLOCK "VarFileInfo" diff --git a/src/interfaces/libpq/po/de.po b/src/interfaces/libpq/po/de.po index 0b602fb6e0..36b843dafc 100644 --- a/src/interfaces/libpq/po/de.po +++ b/src/interfaces/libpq/po/de.po @@ -1,14 +1,14 @@ # German message translation file for libpq -# Peter Eisentraut <peter_e@gmx.net>, 2001 - 2016. +# Peter Eisentraut <peter_e@gmx.net>, 2001 - 2017. # # Use these quotes: »%s« # msgid "" msgstr "" -"Project-Id-Version: PostgreSQL 9.6\n" +"Project-Id-Version: PostgreSQL 10\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" -"POT-Creation-Date: 2016-04-23 21:08+0000\n" -"PO-Revision-Date: 2016-04-23 21:21-0400\n" +"POT-Creation-Date: 2017-05-13 07:08+0000\n" +"PO-Revision-Date: 2017-05-13 09:23-0400\n" "Last-Translator: Peter Eisentraut <peter_e@gmx.net>\n" "Language-Team: German <peter_e@gmx.net>\n" "Language: de\n" @@ -16,101 +16,157 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -#: fe-auth.c:148 +#: fe-auth.c:122 +#, c-format +msgid "out of memory allocating GSSAPI buffer (%d)\n" +msgstr "Speicher aufgebraucht beim Anlegen des GSSAPI-Puffers (%d)\n" + +#: fe-auth.c:172 msgid "GSSAPI continuation error" msgstr "GSSAPI-Fortsetzungsfehler" -#: fe-auth.c:177 fe-auth.c:412 +#: fe-auth.c:202 fe-auth.c:451 msgid "host name must be specified\n" msgstr "Hostname muss angegeben werden\n" -#: fe-auth.c:184 +#: fe-auth.c:209 msgid "duplicate GSS authentication request\n" msgstr "doppelte GSSAPI-Authentifizierungsanfrage\n" -#: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 -#: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 -#: fe-connect.c:2091 fe-connect.c:3484 fe-connect.c:3736 fe-connect.c:3855 -#: fe-connect.c:4095 fe-connect.c:4175 fe-connect.c:4274 fe-connect.c:4526 -#: fe-connect.c:4555 fe-connect.c:4627 fe-connect.c:4645 fe-connect.c:4741 -#: fe-connect.c:5075 fe-connect.c:5225 fe-exec.c:2634 fe-exec.c:3381 -#: fe-exec.c:3546 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 -#: fe-protocol3.c:1678 fe-secure-openssl.c:551 fe-secure-openssl.c:1093 +#: fe-auth.c:222 fe-auth.c:357 fe-auth.c:422 fe-auth.c:457 fe-auth.c:599 +#: fe-auth.c:758 fe-auth.c:1070 fe-auth.c:1217 fe-connect.c:712 +#: fe-connect.c:1091 fe-connect.c:1267 fe-connect.c:1803 fe-connect.c:2331 +#: fe-connect.c:3932 fe-connect.c:4184 fe-connect.c:4303 fe-connect.c:4543 +#: fe-connect.c:4623 fe-connect.c:4722 fe-connect.c:4978 fe-connect.c:5007 +#: fe-connect.c:5079 fe-connect.c:5103 fe-connect.c:5121 fe-connect.c:5222 +#: fe-connect.c:5231 fe-connect.c:5587 fe-connect.c:5737 fe-exec.c:2651 +#: fe-exec.c:3398 fe-exec.c:3563 fe-lobj.c:896 fe-protocol2.c:1206 +#: fe-protocol3.c:992 fe-protocol3.c:1678 fe-secure-openssl.c:514 +#: fe-secure-openssl.c:1137 msgid "out of memory\n" msgstr "Speicher aufgebraucht\n" -#: fe-auth.c:210 +#: fe-auth.c:235 msgid "GSSAPI name import error" msgstr "GSSAPI-Namensimportfehler" #: fe-auth.c:298 +#, c-format +msgid "out of memory allocating SSPI buffer (%d)\n" +msgstr "Speicher aufgebraucht beim Anlegen des SSPI-Puffers (%d)\n" + +#: fe-auth.c:346 msgid "SSPI continuation error" msgstr "SSPI-Fortsetzungsfehler" -#: fe-auth.c:398 +#: fe-auth.c:437 msgid "could not acquire SSPI credentials" msgstr "konnte SSPI-Credentials nicht erhalten" -#: fe-auth.c:489 +#: fe-auth.c:490 +msgid "duplicate SASL authentication request\n" +msgstr "doppelte SASL-Authentifizierungsanfrage\n" + +#: fe-auth.c:550 +msgid "none of the server's SASL authentication mechanisms are supported\n" +msgstr "keine der SASL-Authentifizierungsmechanismen des Servers werden unterstützt\n" + +#: fe-auth.c:623 +#, c-format +msgid "out of memory allocating SASL buffer (%d)\n" +msgstr "Speicher aufgebraucht beim Anlegen des SASL-Puffers (%d)\n" + +#: fe-auth.c:648 +msgid "AuthenticationSASLFinal received from server, but SASL authentication was not completed\n" +msgstr "AuthenticationSASLFinal vom Server empfangen, aber SASL-Authentifizierung war noch nicht abgeschlossen\n" + +#: fe-auth.c:725 msgid "SCM_CRED authentication method not supported\n" msgstr "SCM_CRED-Authentifizierungsmethode nicht unterstützt\n" -#: fe-auth.c:565 +#: fe-auth.c:816 msgid "Kerberos 4 authentication not supported\n" msgstr "Authentifizierung mit Kerberos 4 nicht unterstützt\n" -#: fe-auth.c:570 +#: fe-auth.c:821 msgid "Kerberos 5 authentication not supported\n" msgstr "Authentifizierung mit Kerberos 5 nicht unterstützt\n" -#: fe-auth.c:641 +#: fe-auth.c:892 msgid "GSSAPI authentication not supported\n" msgstr "Authentifizierung mit GSSAPI nicht unterstützt\n" -#: fe-auth.c:673 +#: fe-auth.c:924 msgid "SSPI authentication not supported\n" msgstr "Authentifizierung mit SSPI nicht unterstützt\n" -#: fe-auth.c:681 +#: fe-auth.c:932 msgid "Crypt authentication not supported\n" msgstr "Authentifizierung mit Crypt nicht unterstützt\n" -#: fe-auth.c:708 +#: fe-auth.c:998 #, c-format msgid "authentication method %u not supported\n" msgstr "Authentifizierungsmethode %u nicht unterstützt\n" -#: fe-auth.c:755 +#: fe-auth.c:1045 #, c-format msgid "user name lookup failure: error code %lu\n" msgstr "Fehler beim Nachschlagen des Benutzernamens: Fehlercode %lu\n" -#: fe-auth.c:765 fe-connect.c:2018 +#: fe-auth.c:1055 fe-connect.c:2258 #, c-format msgid "could not look up local user ID %d: %s\n" msgstr "konnte lokale Benutzer-ID %d nicht nachschlagen: %s\n" -#: fe-auth.c:770 fe-connect.c:2023 +#: fe-auth.c:1060 fe-connect.c:2263 #, c-format msgid "local user with ID %d does not exist\n" msgstr "lokaler Benutzer mit ID %d existiert nicht\n" -#: fe-connect.c:846 +#: fe-auth.c:1162 +msgid "unexpected shape of result set returned for SHOW\n" +msgstr "unerwartete Form der Ergebnismenge von SHOW\n" + +#: fe-auth.c:1171 +msgid "password_encryption value too long\n" +msgstr "Wert von password_encryption ist zu lang\n" + +#: fe-auth.c:1211 +msgid "unknown password encryption algorithm\n" +msgstr "unbekannter Passwortverschlüsselungsalgorithmus\n" + +#: fe-connect.c:914 +#, fuzzy, c-format +#| msgid "could not import the requested snapshot" +msgid "could not match %d port numbers to %d hosts\n" +msgstr "konnte den angeforderten Snapshot nicht importieren" + +#: fe-connect.c:966 +msgid "could not get home directory to locate password file\n" +msgstr "konnte Home-Verzeichnis nicht ermitteln, um Passwortdatei zu finden\n" + +#: fe-connect.c:1017 #, c-format msgid "invalid sslmode value: \"%s\"\n" msgstr "ungültiger sslmode-Wert: »%s«\n" -#: fe-connect.c:867 +#: fe-connect.c:1038 #, c-format msgid "sslmode value \"%s\" invalid when SSL support is not compiled in\n" msgstr "sslmode-Wert »%s« ist ungültig, wenn SSL-Unterstützung nicht einkompiliert worden ist\n" -#: fe-connect.c:1104 +#: fe-connect.c:1073 +#, c-format +msgid "invalid target_session_attrs value: \"%s\"\n" +msgstr "ungültiger target_session_attrs-Wert: »%s«\n" + +#: fe-connect.c:1291 #, c-format msgid "could not set socket to TCP no delay mode: %s\n" msgstr "konnte Socket nicht auf TCP »No Delay«-Modus umstellen: %s\n" -#: fe-connect.c:1134 +#: fe-connect.c:1321 #, c-format msgid "" "could not connect to server: %s\n" @@ -121,7 +177,7 @@ msgstr "" "\tLäuft der Server lokal und akzeptiert er Verbindungen\n" "\tauf dem Unix-Domain-Socket »%s«?\n" -#: fe-connect.c:1189 +#: fe-connect.c:1376 #, c-format msgid "" "could not connect to server: %s\n" @@ -132,7 +188,7 @@ msgstr "" "\tLäuft der Server auf dem Host »%s« (%s) und akzeptiert er\n" "\tTCP/IP-Verbindungen auf Port %s?\n" -#: fe-connect.c:1198 +#: fe-connect.c:1385 #, c-format msgid "" "could not connect to server: %s\n" @@ -143,300 +199,306 @@ msgstr "" "\tLäuft der Server auf dem Host »%s« und akzeptiert er\n" "\tTCP/IP-Verbindungen auf Port %s?\n" -#: fe-connect.c:1249 +#: fe-connect.c:1436 #, c-format msgid "setsockopt(TCP_KEEPIDLE) failed: %s\n" msgstr "setsockopt(TCP_KEEPIDLE) fehlgeschlagen: %s\n" -#: fe-connect.c:1262 +#: fe-connect.c:1449 #, c-format msgid "setsockopt(TCP_KEEPALIVE) failed: %s\n" msgstr "setsockopt(TCP_KEEPALIVE) fehlgeschlagen: %s\n" -#: fe-connect.c:1294 +#: fe-connect.c:1481 #, c-format msgid "setsockopt(TCP_KEEPINTVL) failed: %s\n" msgstr "setsockopt(TCP_KEEPINTVL) fehlgeschlagen: %s\n" -#: fe-connect.c:1326 +#: fe-connect.c:1513 #, c-format msgid "setsockopt(TCP_KEEPCNT) failed: %s\n" msgstr "setsockopt(TCP_KEEPCNT) fehlgeschlagen: %s\n" -#: fe-connect.c:1374 +#: fe-connect.c:1561 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" msgstr "WSAIoctl(SIO_KEEPALIVE_VALS) fehlgeschlagen: %ui\n" -#: fe-connect.c:1426 +#: fe-connect.c:1619 #, c-format msgid "invalid port number: \"%s\"\n" msgstr "ungültige Portnummer: »%s«\n" -#: fe-connect.c:1459 +#: fe-connect.c:1643 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" msgstr "Unix-Domain-Socket-Pfad »%s« ist zu lang (maximal %d Bytes)\n" -#: fe-connect.c:1478 +#: fe-connect.c:1661 #, c-format msgid "could not translate host name \"%s\" to address: %s\n" msgstr "konnte Hostnamen »%s« nicht in Adresse übersetzen: %s\n" -#: fe-connect.c:1482 +#: fe-connect.c:1665 #, c-format msgid "could not translate Unix-domain socket path \"%s\" to address: %s\n" msgstr "konnte Unix-Domain-Socket-Pfad »%s« nicht in Adresse übersetzen: %s\n" -#: fe-connect.c:1687 +#: fe-connect.c:1909 msgid "invalid connection state, probably indicative of memory corruption\n" msgstr "ungültiger Verbindungszustand, möglicherweise ein Speicherproblem\n" -#: fe-connect.c:1727 +#: fe-connect.c:1966 #, c-format msgid "could not create socket: %s\n" msgstr "konnte Socket nicht erzeugen: %s\n" -#: fe-connect.c:1749 +#: fe-connect.c:1988 #, c-format msgid "could not set socket to nonblocking mode: %s\n" msgstr "konnte Socket nicht auf nicht-blockierenden Modus umstellen: %s\n" -#: fe-connect.c:1760 +#: fe-connect.c:1999 #, c-format msgid "could not set socket to close-on-exec mode: %s\n" msgstr "konnte Socket nicht auf »Close on exec«-Modus umstellen: %s\n" -#: fe-connect.c:1779 +#: fe-connect.c:2018 msgid "keepalives parameter must be an integer\n" msgstr "Parameter »keepalives« muss eine ganze Zahl sein\n" -#: fe-connect.c:1792 +#: fe-connect.c:2031 #, c-format msgid "setsockopt(SO_KEEPALIVE) failed: %s\n" msgstr "setsockopt(SO_KEEPALIVE) fehlgeschlagen: %s\n" -#: fe-connect.c:1929 +#: fe-connect.c:2168 #, c-format msgid "could not get socket error status: %s\n" msgstr "konnte Socket-Fehlerstatus nicht ermitteln: %s\n" -#: fe-connect.c:1963 +#: fe-connect.c:2203 #, c-format msgid "could not get client address from socket: %s\n" msgstr "konnte Client-Adresse vom Socket nicht ermitteln: %s\n" -#: fe-connect.c:2005 +#: fe-connect.c:2245 msgid "requirepeer parameter is not supported on this platform\n" msgstr "Parameter »requirepeer« wird auf dieser Plattform nicht unterstützt\n" -#: fe-connect.c:2008 +#: fe-connect.c:2248 #, c-format msgid "could not get peer credentials: %s\n" msgstr "konnte Credentials von Gegenstelle nicht ermitteln: %s\n" -#: fe-connect.c:2031 +#: fe-connect.c:2271 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" msgstr "requirepeer gibt »%s« an, aber tatsächlicher Benutzername der Gegenstelle ist »%s«\n" -#: fe-connect.c:2065 +#: fe-connect.c:2305 #, c-format msgid "could not send SSL negotiation packet: %s\n" msgstr "konnte Paket zur SSL-Verhandlung nicht senden: %s\n" -#: fe-connect.c:2104 +#: fe-connect.c:2344 #, c-format msgid "could not send startup packet: %s\n" msgstr "konnte Startpaket nicht senden: %s\n" -#: fe-connect.c:2174 +#: fe-connect.c:2414 msgid "server does not support SSL, but SSL was required\n" msgstr "Server unterstützt kein SSL, aber SSL wurde verlangt\n" -#: fe-connect.c:2200 +#: fe-connect.c:2440 #, c-format msgid "received invalid response to SSL negotiation: %c\n" msgstr "ungültige Antwort auf SSL-Verhandlungspaket empfangen: %c\n" -#: fe-connect.c:2275 fe-connect.c:2308 +#: fe-connect.c:2516 fe-connect.c:2549 #, c-format msgid "expected authentication request from server, but received %c\n" msgstr "Authentifizierungsanfrage wurde vom Server erwartet, aber %c wurde empfangen\n" -#: fe-connect.c:2475 -#, c-format -msgid "out of memory allocating GSSAPI buffer (%d)" -msgstr "Speicher aufgebraucht beim Anlegen des GSSAPI-Puffers (%d)" - -#: fe-connect.c:2560 +#: fe-connect.c:2778 msgid "unexpected message from server during startup\n" msgstr "unerwartete Nachricht vom Server beim Start\n" -#: fe-connect.c:2654 +#: fe-connect.c:2982 +#, fuzzy, c-format +#| msgid "could not connect to server: %s" +msgid "could not make a writable connection to server \"%s:%s\"\n" +msgstr "konnte nicht mit Server verbinden: %s" + +#: fe-connect.c:3024 +#, c-format +msgid "test \"show transaction_read_only\" failed on \"%s:%s\"\n" +msgstr "" + +#: fe-connect.c:3046 #, c-format msgid "invalid connection state %d, probably indicative of memory corruption\n" msgstr "ungültiger Verbindungszustand %d, möglicherweise ein Speicherproblem\n" -#: fe-connect.c:3090 fe-connect.c:3150 +#: fe-connect.c:3538 fe-connect.c:3598 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" msgstr "PGEventProc »%s« während PGEVT_CONNRESET-Ereignis fehlgeschlagen\n" -#: fe-connect.c:3497 +#: fe-connect.c:3945 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" msgstr "ungültige LDAP-URL »%s«: Schema muss ldap:// sein\n" -#: fe-connect.c:3512 +#: fe-connect.c:3960 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" msgstr "ungültige LDAP-URL »%s«: Distinguished Name fehlt\n" -#: fe-connect.c:3523 fe-connect.c:3576 +#: fe-connect.c:3971 fe-connect.c:4024 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" msgstr "ungültige LDAP-URL »%s«: muss genau ein Attribut haben\n" -#: fe-connect.c:3533 fe-connect.c:3590 +#: fe-connect.c:3981 fe-connect.c:4038 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" msgstr "ungültige LDAP-URL »%s«: Suchbereich fehlt (base/one/sub)\n" -#: fe-connect.c:3544 +#: fe-connect.c:3992 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" msgstr "ungültige LDAP-URL »%s«: kein Filter\n" -#: fe-connect.c:3565 +#: fe-connect.c:4013 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" msgstr "ungültige LDAP-URL »%s«: ungültige Portnummer\n" -#: fe-connect.c:3599 +#: fe-connect.c:4047 msgid "could not create LDAP structure\n" msgstr "konnte LDAP-Struktur nicht erzeugen\n" -#: fe-connect.c:3675 +#: fe-connect.c:4123 #, c-format msgid "lookup on LDAP server failed: %s\n" msgstr "Suche auf LDAP-Server fehlgeschlagen: %s\n" -#: fe-connect.c:3686 +#: fe-connect.c:4134 msgid "more than one entry found on LDAP lookup\n" msgstr "LDAP-Suche ergab mehr als einen Eintrag\n" -#: fe-connect.c:3687 fe-connect.c:3699 +#: fe-connect.c:4135 fe-connect.c:4147 msgid "no entry found on LDAP lookup\n" msgstr "kein Eintrag gefunden bei LDAP-Suche\n" -#: fe-connect.c:3710 fe-connect.c:3723 +#: fe-connect.c:4158 fe-connect.c:4171 msgid "attribute has no values on LDAP lookup\n" msgstr "Attribut hat keine Werte bei LDAP-Suche\n" -#: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 +#: fe-connect.c:4223 fe-connect.c:4242 fe-connect.c:4761 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" msgstr "fehlendes »=« nach »%s« in der Zeichenkette der Verbindungsdaten\n" -#: fe-connect.c:3867 fe-connect.c:4494 fe-connect.c:5208 +#: fe-connect.c:4315 fe-connect.c:4946 fe-connect.c:5720 #, c-format msgid "invalid connection option \"%s\"\n" msgstr "ungültige Verbindungsoption »%s«\n" -#: fe-connect.c:3883 fe-connect.c:4362 +#: fe-connect.c:4331 fe-connect.c:4810 msgid "unterminated quoted string in connection info string\n" msgstr "fehlendes schließendes Anführungszeichen (\") in der Zeichenkette der Verbindungsdaten\n" -#: fe-connect.c:3923 +#: fe-connect.c:4371 msgid "could not get home directory to locate service definition file" msgstr "konnte Home-Verzeichnis nicht ermitteln, um Servicedefinitionsdatei zu finden" -#: fe-connect.c:3956 +#: fe-connect.c:4404 #, c-format msgid "definition of service \"%s\" not found\n" msgstr "Definition von Service »%s« nicht gefunden\n" -#: fe-connect.c:3979 +#: fe-connect.c:4427 #, c-format msgid "service file \"%s\" not found\n" msgstr "Servicedatei »%s« nicht gefunden\n" -#: fe-connect.c:3992 +#: fe-connect.c:4440 #, c-format msgid "line %d too long in service file \"%s\"\n" msgstr "Zeile %d zu lang in Servicedatei »%s«\n" -#: fe-connect.c:4063 fe-connect.c:4107 +#: fe-connect.c:4511 fe-connect.c:4555 #, c-format msgid "syntax error in service file \"%s\", line %d\n" msgstr "Syntaxfehler in Servicedatei »%s«, Zeile %d\n" -#: fe-connect.c:4074 +#: fe-connect.c:4522 #, c-format msgid "nested service specifications not supported in service file \"%s\", line %d\n" msgstr "geschachtelte »service«-Definitionen werden nicht unterstützt in Servicedatei »%s«, Zeile %d\n" -#: fe-connect.c:4752 +#: fe-connect.c:5242 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" msgstr "ungültige URI an interne Parserroutine weitergeleitet: »%s«\n" -#: fe-connect.c:4822 +#: fe-connect.c:5319 #, c-format msgid "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n" msgstr "Ende der Eingabezeichenkette gefunden beim Suchen nach passendem »]« in IPv6-Hostadresse in URI: »%s«\n" -#: fe-connect.c:4829 +#: fe-connect.c:5326 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" msgstr "IPv6-Hostadresse darf nicht leer sein in URI: »%s«\n" -#: fe-connect.c:4844 +#: fe-connect.c:5341 #, c-format msgid "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n" msgstr "unerwartetes Zeichen »%c« an Position %d in URI (»:« oder »/« erwartet): »%s«\n" -#: fe-connect.c:4958 +#: fe-connect.c:5470 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "zusätzliches Schlüssel/Wert-Trennzeichen »=« in URI-Query-Parameter: »%s«\n" -#: fe-connect.c:4978 +#: fe-connect.c:5490 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "fehlendes Schlüssel/Wert-Trennzeichen »=« in URI-Query-Parameter: »%s«\n" -#: fe-connect.c:5029 +#: fe-connect.c:5541 #, c-format msgid "invalid URI query parameter: \"%s\"\n" msgstr "ungültiger URI-Query-Parameter: »%s«\n" -#: fe-connect.c:5103 +#: fe-connect.c:5615 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" msgstr "ungültiges Prozent-kodiertes Token: »%s«\n" -#: fe-connect.c:5113 +#: fe-connect.c:5625 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" msgstr "verbotener Wert %%00 in Prozent-kodiertem Wert: »%s«\n" -#: fe-connect.c:5447 +#: fe-connect.c:5970 msgid "connection pointer is NULL\n" msgstr "Verbindung ist ein NULL-Zeiger\n" -#: fe-connect.c:5745 +#: fe-connect.c:6268 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" msgstr "WARNUNG: Passwortdatei »%s« ist keine normale Datei\n" -#: fe-connect.c:5754 +#: fe-connect.c:6277 #, c-format msgid "WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "WARNUNG: Passwortdatei »%s« erlaubt Lesezugriff für Gruppe oder Andere; Rechte sollten u=rw (0600) oder weniger sein\n" -#: fe-connect.c:5860 +#: fe-connect.c:6369 #, c-format msgid "password retrieved from file \"%s\"\n" msgstr "Passwort wurde aus Datei »%s« gelesen\n" @@ -445,98 +507,98 @@ msgstr "Passwort wurde aus Datei »%s« gelesen\n" msgid "NOTICE" msgstr "HINWEIS" -#: fe-exec.c:1123 fe-exec.c:1181 fe-exec.c:1227 +#: fe-exec.c:1141 fe-exec.c:1199 fe-exec.c:1245 msgid "command string is a null pointer\n" msgstr "Befehlszeichenkette ist ein NULL-Zeiger\n" -#: fe-exec.c:1187 fe-exec.c:1233 fe-exec.c:1328 +#: fe-exec.c:1205 fe-exec.c:1251 fe-exec.c:1346 msgid "number of parameters must be between 0 and 65535\n" msgstr "Anzahl der Parameter muss zwischen 0 und 65535 sein\n" -#: fe-exec.c:1221 fe-exec.c:1322 +#: fe-exec.c:1239 fe-exec.c:1340 msgid "statement name is a null pointer\n" msgstr "Anweisungsname ist ein NULL-Zeiger\n" -#: fe-exec.c:1241 fe-exec.c:1405 fe-exec.c:2123 fe-exec.c:2322 +#: fe-exec.c:1259 fe-exec.c:1422 fe-exec.c:2140 fe-exec.c:2339 msgid "function requires at least protocol version 3.0\n" msgstr "Funktion erfordert mindestens Protokollversion 3.0\n" -#: fe-exec.c:1359 +#: fe-exec.c:1377 msgid "no connection to the server\n" msgstr "keine Verbindung mit dem Server\n" -#: fe-exec.c:1366 +#: fe-exec.c:1384 msgid "another command is already in progress\n" msgstr "ein anderer Befehl ist bereits in Ausführung\n" -#: fe-exec.c:1481 +#: fe-exec.c:1498 msgid "length must be given for binary parameter\n" msgstr "für binäre Parameter muss eine Länge angegeben werden\n" -#: fe-exec.c:1753 +#: fe-exec.c:1770 #, c-format msgid "unexpected asyncStatus: %d\n" msgstr "unerwarteter asyncStatus: %d\n" -#: fe-exec.c:1773 +#: fe-exec.c:1790 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" msgstr "PGEventProc »%s« während PGEVT_RESULTCREATE-Ereignis fehlgeschlagen\n" -#: fe-exec.c:1933 +#: fe-exec.c:1950 msgid "COPY terminated by new PQexec" msgstr "COPY von neuem PQexec beendet" -#: fe-exec.c:1941 +#: fe-exec.c:1958 msgid "COPY IN state must be terminated first\n" msgstr "COPY-IN-Zustand muss erst beendet werden\n" -#: fe-exec.c:1961 +#: fe-exec.c:1978 msgid "COPY OUT state must be terminated first\n" msgstr "COPY-OUT-Zustand muss erst beendet werden\n" -#: fe-exec.c:1969 +#: fe-exec.c:1986 msgid "PQexec not allowed during COPY BOTH\n" msgstr "PQexec ist während COPY BOTH nicht erlaubt\n" -#: fe-exec.c:2212 fe-exec.c:2279 fe-exec.c:2369 fe-protocol2.c:1352 +#: fe-exec.c:2229 fe-exec.c:2296 fe-exec.c:2386 fe-protocol2.c:1352 #: fe-protocol3.c:1817 msgid "no COPY in progress\n" msgstr "keine COPY in Ausführung\n" -#: fe-exec.c:2559 +#: fe-exec.c:2576 msgid "connection in wrong state\n" msgstr "Verbindung im falschen Zustand\n" -#: fe-exec.c:2590 +#: fe-exec.c:2607 msgid "invalid ExecStatusType code" msgstr "ungültiger ExecStatusType-Kode" -#: fe-exec.c:2617 +#: fe-exec.c:2634 msgid "PGresult is not an error result\n" msgstr "PGresult ist kein Fehlerresultat\n" -#: fe-exec.c:2692 fe-exec.c:2715 +#: fe-exec.c:2709 fe-exec.c:2732 #, c-format msgid "column number %d is out of range 0..%d" msgstr "Spaltennummer %d ist außerhalb des zulässigen Bereichs 0..%d" -#: fe-exec.c:2708 +#: fe-exec.c:2725 #, c-format msgid "row number %d is out of range 0..%d" msgstr "Zeilennummer %d ist außerhalb des zulässigen Bereichs 0..%d" -#: fe-exec.c:2730 +#: fe-exec.c:2747 #, c-format msgid "parameter number %d is out of range 0..%d" msgstr "Parameternummer %d ist außerhalb des zulässigen Bereichs 0..%d" -#: fe-exec.c:3040 +#: fe-exec.c:3057 #, c-format msgid "could not interpret result from server: %s" msgstr "konnte Ergebnis vom Server nicht interpretieren: %s" -#: fe-exec.c:3279 fe-exec.c:3363 +#: fe-exec.c:3296 fe-exec.c:3380 msgid "incomplete multibyte character\n" msgstr "unvollständiges Mehrbyte-Zeichen\n" @@ -623,21 +685,21 @@ msgstr "kann OID der Funktion loread nicht ermitteln\n" msgid "cannot determine OID of function lowrite\n" msgstr "kann OID der Funktion lowrite nicht ermitteln\n" -#: fe-misc.c:295 +#: fe-misc.c:292 #, c-format msgid "integer of size %lu not supported by pqGetInt" msgstr "Integer der Größe %lu wird von pqGetInt nicht unterstützt" -#: fe-misc.c:331 +#: fe-misc.c:328 #, c-format msgid "integer of size %lu not supported by pqPutInt" msgstr "Integer der Größe %lu wird von pqPutInt nicht unterstützt" -#: fe-misc.c:642 fe-misc.c:843 +#: fe-misc.c:639 fe-misc.c:840 msgid "connection not open\n" msgstr "Verbindung nicht offen\n" -#: fe-misc.c:812 fe-secure-openssl.c:270 fe-secure-openssl.c:379 +#: fe-misc.c:809 fe-secure-openssl.c:229 fe-secure-openssl.c:338 #: fe-secure.c:253 fe-secure.c:362 msgid "" "server closed the connection unexpectedly\n" @@ -648,15 +710,15 @@ msgstr "" "\tDas heißt wahrscheinlich, dass der Server abnormal beendete\n" "\tbevor oder während die Anweisung bearbeitet wurde.\n" -#: fe-misc.c:1016 +#: fe-misc.c:1013 msgid "timeout expired\n" msgstr "Timeout abgelaufen\n" -#: fe-misc.c:1061 +#: fe-misc.c:1058 msgid "invalid socket\n" msgstr "ungültiges Socket\n" -#: fe-misc.c:1084 +#: fe-misc.c:1081 #, c-format msgid "select() failed: %s\n" msgstr "select() fehlgeschlagen: %s\n" @@ -837,153 +899,148 @@ msgstr "ZEILE %d: " msgid "PQgetline: not doing text COPY OUT\n" msgstr "PQgetline: Text COPY OUT nicht ausgeführt\n" -#: fe-secure-openssl.c:146 fe-secure-openssl.c:1030 fe-secure-openssl.c:1250 -#, c-format -msgid "could not acquire mutex: %s\n" -msgstr "konnte Mutex nicht sperren: %s\n" - -#: fe-secure-openssl.c:158 -#, c-format -msgid "could not establish SSL connection: %s\n" -msgstr "konnte SSL-Verbindung nicht aufbauen: %s\n" - -#: fe-secure-openssl.c:275 fe-secure-openssl.c:384 fe-secure-openssl.c:1376 +#: fe-secure-openssl.c:234 fe-secure-openssl.c:343 fe-secure-openssl.c:1321 #, c-format msgid "SSL SYSCALL error: %s\n" msgstr "SSL-SYSCALL-Fehler: %s\n" -#: fe-secure-openssl.c:282 fe-secure-openssl.c:391 fe-secure-openssl.c:1380 +#: fe-secure-openssl.c:241 fe-secure-openssl.c:350 fe-secure-openssl.c:1325 msgid "SSL SYSCALL error: EOF detected\n" msgstr "SSL-SYSCALL-Fehler: Dateiende entdeckt\n" -#: fe-secure-openssl.c:293 fe-secure-openssl.c:402 fe-secure-openssl.c:1389 +#: fe-secure-openssl.c:252 fe-secure-openssl.c:361 fe-secure-openssl.c:1334 #, c-format msgid "SSL error: %s\n" msgstr "SSL-Fehler: %s\n" -#: fe-secure-openssl.c:308 fe-secure-openssl.c:417 +#: fe-secure-openssl.c:267 fe-secure-openssl.c:376 msgid "SSL connection has been closed unexpectedly\n" msgstr "SSL-Verbindung wurde unerwartet geschlossen\n" -#: fe-secure-openssl.c:314 fe-secure-openssl.c:423 fe-secure-openssl.c:1398 +#: fe-secure-openssl.c:273 fe-secure-openssl.c:382 fe-secure-openssl.c:1343 #, c-format msgid "unrecognized SSL error code: %d\n" msgstr "unbekannter SSL-Fehlercode: %d\n" -#: fe-secure-openssl.c:535 +#: fe-secure-openssl.c:494 msgid "SSL certificate's name entry is missing\n" msgstr "Namenseintrag fehlt im SSL-Zertifikat\n" -#: fe-secure-openssl.c:565 +#: fe-secure-openssl.c:528 msgid "SSL certificate's name contains embedded null\n" msgstr "Name im SSL-Zertifikat enthält Null-Byte\n" -#: fe-secure-openssl.c:616 +#: fe-secure-openssl.c:580 msgid "host name must be specified for a verified SSL connection\n" msgstr "Hostname muss angegeben werden für eine verifizierte SSL-Verbindung\n" -#: fe-secure-openssl.c:716 +#: fe-secure-openssl.c:680 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" msgstr "Server-Zertifikat für »%s« stimmt nicht mit dem Hostnamen »%s« überein\n" -#: fe-secure-openssl.c:722 +#: fe-secure-openssl.c:686 msgid "could not get server's host name from server certificate\n" msgstr "konnte Hostnamen des Servers nicht aus dem Serverzertifikat ermitteln\n" -#: fe-secure-openssl.c:869 +#: fe-secure-openssl.c:928 #, c-format msgid "could not create SSL context: %s\n" msgstr "konnte SSL-Kontext nicht erzeugen: %s\n" -#: fe-secure-openssl.c:1000 +#: fe-secure-openssl.c:965 +#, c-format +msgid "could not read root certificate file \"%s\": %s\n" +msgstr "konnte Root-Zertifikat-Datei »%s« nicht lesen: %s\n" + +#: fe-secure-openssl.c:993 +#, c-format +msgid "SSL library does not support CRL certificates (file \"%s\")\n" +msgstr "SSL-Bibliothek unterstützt keine CRL-Zertifikate (Datei »%s«)\n" + +#: fe-secure-openssl.c:1021 +msgid "" +"could not get home directory to locate root certificate file\n" +"Either provide the file or change sslmode to disable server certificate verification.\n" +msgstr "" +"konnte Home-Verzeichnis nicht ermitteln, um Root-Zertifikat-Datei zu finden\n" +"Legen Sie entweder die Datei an oder ändern Sie sslmode, um die Überprüfung der Serverzertifikate abzuschalten.\n" + +#: fe-secure-openssl.c:1025 +#, c-format +msgid "" +"root certificate file \"%s\" does not exist\n" +"Either provide the file or change sslmode to disable server certificate verification.\n" +msgstr "" +"Root-Zertifikat-Datei »%s« existiert nicht\n" +"Legen Sie entweder die Datei an oder ändern Sie sslmode, um die Überprüfung der Serverzertifikate abzuschalten.\n" + +#: fe-secure-openssl.c:1056 #, c-format msgid "could not open certificate file \"%s\": %s\n" msgstr "konnte Zertifikatdatei »%s« nicht öffnen: %s\n" -#: fe-secure-openssl.c:1039 fe-secure-openssl.c:1054 +#: fe-secure-openssl.c:1075 #, c-format msgid "could not read certificate file \"%s\": %s\n" msgstr "konnte Zertifikatdatei »%s« nicht lesen: %s\n" -#: fe-secure-openssl.c:1109 +#: fe-secure-openssl.c:1099 +#, c-format +msgid "could not establish SSL connection: %s\n" +msgstr "konnte SSL-Verbindung nicht aufbauen: %s\n" + +#: fe-secure-openssl.c:1153 #, c-format msgid "could not load SSL engine \"%s\": %s\n" msgstr "konnte SSL-Engine »%s« nicht laden: %s\n" -#: fe-secure-openssl.c:1121 +#: fe-secure-openssl.c:1165 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" msgstr "konnte SSL-Engine »%s« nicht initialisieren: %s\n" -#: fe-secure-openssl.c:1137 +#: fe-secure-openssl.c:1181 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "konnte privaten SSL-Schlüssel »%s« nicht von Engine »%s« lesen: %s\n" -#: fe-secure-openssl.c:1151 +#: fe-secure-openssl.c:1195 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "konnte privaten SSL-Schlüssel »%s« nicht von Engine »%s« laden: %s\n" -#: fe-secure-openssl.c:1188 +#: fe-secure-openssl.c:1232 #, c-format msgid "certificate present, but not private key file \"%s\"\n" msgstr "Zertifikat vorhanden, aber keine private Schlüsseldatei »%s«\n" -#: fe-secure-openssl.c:1196 +#: fe-secure-openssl.c:1240 #, c-format msgid "private key file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "WARNUNG: private Schlüsseldatei »%s« erlaubt Lesezugriff für Gruppe oder Andere; Rechte sollten u=rw (0600) oder weniger sein\n" -#: fe-secure-openssl.c:1207 +#: fe-secure-openssl.c:1251 #, c-format msgid "could not load private key file \"%s\": %s\n" msgstr "konnte private Schlüsseldatei »%s« nicht laden: %s\n" -#: fe-secure-openssl.c:1221 +#: fe-secure-openssl.c:1265 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" msgstr "Zertifikat passt nicht zur privaten Schlüsseldatei »%s«: %s\n" -#: fe-secure-openssl.c:1259 -#, c-format -msgid "could not read root certificate file \"%s\": %s\n" -msgstr "konnte Root-Zertifikat-Datei »%s« nicht lesen: %s\n" - -#: fe-secure-openssl.c:1289 -#, c-format -msgid "SSL library does not support CRL certificates (file \"%s\")\n" -msgstr "SSL-Bibliothek unterstützt keine CRL-Zertifikate (Datei »%s«)\n" - -#: fe-secure-openssl.c:1322 -msgid "" -"could not get home directory to locate root certificate file\n" -"Either provide the file or change sslmode to disable server certificate verification.\n" -msgstr "" -"konnte Home-Verzeichnis nicht ermitteln, um Root-Zertifikat-Datei zu finden\n" -"Legen Sie entweder die Datei an oder ändern Sie sslmode, um die Überprüfung der Serverzertifikate abzuschalten.\n" - -#: fe-secure-openssl.c:1326 -#, c-format -msgid "" -"root certificate file \"%s\" does not exist\n" -"Either provide the file or change sslmode to disable server certificate verification.\n" -msgstr "" -"Root-Zertifikat-Datei »%s« existiert nicht\n" -"Legen Sie entweder die Datei an oder ändern Sie sslmode, um die Überprüfung der Serverzertifikate abzuschalten.\n" - -#: fe-secure-openssl.c:1419 +#: fe-secure-openssl.c:1364 #, c-format msgid "certificate could not be obtained: %s\n" msgstr "Zertifikat konnte nicht ermittelt werden: %s\n" -#: fe-secure-openssl.c:1511 +#: fe-secure-openssl.c:1456 #, c-format msgid "no SSL error reported" msgstr "kein SSL-Fehler berichtet" -#: fe-secure-openssl.c:1520 +#: fe-secure-openssl.c:1465 #, c-format msgid "SSL error code %lu" msgstr "SSL-Fehlercode %lu" diff --git a/src/interfaces/libpq/po/fr.po b/src/interfaces/libpq/po/fr.po index a1bc707d56..f591eb66a3 100644 --- a/src/interfaces/libpq/po/fr.po +++ b/src/interfaces/libpq/po/fr.po @@ -1,10 +1,10 @@ # translation of libpq.po to fr_fr # french message translation file for libpq # -# Use these quotes: %s +# Use these quotes: « %s » # # Guillaume Lelarge <guillaume@lelarge.info>, 2004-2009. -# Stphane Schildknecht <stephane.schildknecht@dalibo.com>, 2009. +# Stéphane Schildknecht <stephane.schildknecht@dalibo.com>, 2009. msgid "" msgstr "" "Project-Id-Version: PostgreSQL 9.6\n" @@ -15,7 +15,7 @@ msgstr "" "Language-Team: PostgreSQLfr <pgsql-fr-generale@postgresql.org>\n" "Language: fr\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Poedit 1.8.7.1\n" @@ -25,11 +25,11 @@ msgstr "erreur de suite GSSAPI" #: fe-auth.c:177 fe-auth.c:412 msgid "host name must be specified\n" -msgstr "le nom d'hte doit tre prcis\n" +msgstr "le nom d'hôte doit être précisé\n" #: fe-auth.c:184 msgid "duplicate GSS authentication request\n" -msgstr "requte d'authentification GSS duplique\n" +msgstr "requête d'authentification GSS dupliquée\n" #: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 #: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 @@ -40,7 +40,7 @@ msgstr "requte d'authentification GSS duplique\n" #: fe-exec.c:3546 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 #: fe-protocol3.c:1678 fe-secure-openssl.c:551 fe-secure-openssl.c:1093 msgid "out of memory\n" -msgstr "mmoire puise\n" +msgstr "mémoire épuisée\n" #: fe-auth.c:210 msgid "GSSAPI name import error" @@ -52,41 +52,41 @@ msgstr "erreur de suite SSPI" #: fe-auth.c:398 msgid "could not acquire SSPI credentials" -msgstr "n'a pas pu rcuprer les pices d'identit SSPI" +msgstr "n'a pas pu récupérer les pièces d'identité SSPI" #: fe-auth.c:489 msgid "SCM_CRED authentication method not supported\n" -msgstr "authentification SCM_CRED non supporte\n" +msgstr "authentification SCM_CRED non supportée\n" #: fe-auth.c:565 msgid "Kerberos 4 authentication not supported\n" -msgstr "authentification Kerberos 4 non supporte\n" +msgstr "authentification Kerberos 4 non supportée\n" #: fe-auth.c:570 msgid "Kerberos 5 authentication not supported\n" -msgstr "authentification Kerberos 5 non supporte\n" +msgstr "authentification Kerberos 5 non supportée\n" #: fe-auth.c:641 msgid "GSSAPI authentication not supported\n" -msgstr "authentification GSSAPI non supporte\n" +msgstr "authentification GSSAPI non supportée\n" #: fe-auth.c:673 msgid "SSPI authentication not supported\n" -msgstr "authentification SSPI non supporte\n" +msgstr "authentification SSPI non supportée\n" #: fe-auth.c:681 msgid "Crypt authentication not supported\n" -msgstr "authentification crypt non supporte\n" +msgstr "authentification crypt non supportée\n" #: fe-auth.c:708 #, c-format msgid "authentication method %u not supported\n" -msgstr "mthode d'authentification %u non supporte\n" +msgstr "méthode d'authentification %u non supportée\n" #: fe-auth.c:755 #, c-format msgid "user name lookup failure: error code %lu\n" -msgstr "chec de la recherche du nom d'utilisateur : code erreur %lu\n" +msgstr "échec de la recherche du nom d'utilisateur : code erreur %lu\n" #: fe-auth.c:765 fe-connect.c:2018 #, c-format @@ -101,17 +101,17 @@ msgstr "l'utilisateur local dont l'identifiant est %d n'existe pas\n" #: fe-connect.c:846 #, c-format msgid "invalid sslmode value: \"%s\"\n" -msgstr "valeur sslmode invalide : %s \n" +msgstr "valeur sslmode invalide : « %s »\n" #: fe-connect.c:867 #, c-format msgid "sslmode value \"%s\" invalid when SSL support is not compiled in\n" -msgstr "valeur sslmode %s invalide si le support SSL n'est pas compil initialement\n" +msgstr "valeur sslmode « %s » invalide si le support SSL n'est pas compilé initialement\n" #: fe-connect.c:1104 #, c-format msgid "could not set socket to TCP no delay mode: %s\n" -msgstr "n'a pas pu activer le mode TCP sans dlai pour la socket : %s\n" +msgstr "n'a pas pu activer le mode TCP sans délai pour la socket : %s\n" #: fe-connect.c:1134 #, c-format @@ -122,7 +122,7 @@ msgid "" msgstr "" "n'a pas pu se connecter au serveur : %s\n" "\tLe serveur est-il actif localement et accepte-t-il les connexions sur la\n" -" \tsocket Unix %s ?\n" +" \tsocket Unix « %s » ?\n" #: fe-connect.c:1189 #, c-format @@ -132,7 +132,7 @@ msgid "" "\tTCP/IP connections on port %s?\n" msgstr "" "n'a pas pu se connecter au serveur : %s\n" -"\tLe serveur est-il actif sur l'hte %s (%s)\n" +"\tLe serveur est-il actif sur l'hôte « %s » (%s)\n" "\tet accepte-t-il les connexionsTCP/IP sur le port %s ?\n" #: fe-connect.c:1198 @@ -143,64 +143,64 @@ msgid "" "\tTCP/IP connections on port %s?\n" msgstr "" "n'a pas pu se connecter au serveur : %s\n" -"\tLe serveur est-il actif sur l'hte %s et accepte-t-il les connexions\n" +"\tLe serveur est-il actif sur l'hôte « %s » et accepte-t-il les connexions\n" "\tTCP/IP sur le port %s ?\n" #: fe-connect.c:1249 #, c-format msgid "setsockopt(TCP_KEEPIDLE) failed: %s\n" -msgstr "setsockopt(TCP_KEEPIDLE) a chou : %s\n" +msgstr "setsockopt(TCP_KEEPIDLE) a échoué : %s\n" #: fe-connect.c:1262 #, c-format msgid "setsockopt(TCP_KEEPALIVE) failed: %s\n" -msgstr "setsockopt(TCP_KEEPALIVE) a chou : %s\n" +msgstr "setsockopt(TCP_KEEPALIVE) a échoué : %s\n" #: fe-connect.c:1294 #, c-format msgid "setsockopt(TCP_KEEPINTVL) failed: %s\n" -msgstr "setsockopt(TCP_KEEPINTVL) a chou : %s\n" +msgstr "setsockopt(TCP_KEEPINTVL) a échoué : %s\n" #: fe-connect.c:1326 #, c-format msgid "setsockopt(TCP_KEEPCNT) failed: %s\n" -msgstr "setsockopt(TCP_KEEPCNT) a chou : %s\n" +msgstr "setsockopt(TCP_KEEPCNT) a échoué : %s\n" #: fe-connect.c:1374 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" -msgstr "WSAIoctl(SIO_KEEPALIVE_VALS) a chou : %ui\n" +msgstr "WSAIoctl(SIO_KEEPALIVE_VALS) a échoué : %ui\n" #: fe-connect.c:1426 #, c-format msgid "invalid port number: \"%s\"\n" -msgstr "numro de port invalide : %s \n" +msgstr "numéro de port invalide : « %s »\n" #: fe-connect.c:1459 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" -msgstr "Le chemin du socket de domaine Unix, %s , est trop (maximum %d octets)\n" +msgstr "Le chemin du socket de domaine Unix, « %s », est trop (maximum %d octets)\n" #: fe-connect.c:1478 #, c-format msgid "could not translate host name \"%s\" to address: %s\n" -msgstr "n'a pas pu traduire le nom d'hte %s en adresse : %s\n" +msgstr "n'a pas pu traduire le nom d'hôte « %s » en adresse : %s\n" #: fe-connect.c:1482 #, c-format msgid "could not translate Unix-domain socket path \"%s\" to address: %s\n" msgstr "" -"n'a pas pu traduire le chemin de la socket du domaine Unix %s en adresse :\n" +"n'a pas pu traduire le chemin de la socket du domaine Unix « %s » en adresse :\n" "%s\n" #: fe-connect.c:1687 msgid "invalid connection state, probably indicative of memory corruption\n" -msgstr "tat de connexion invalide, indique probablement une corruption de mmoire\n" +msgstr "état de connexion invalide, indique probablement une corruption de mémoire\n" #: fe-connect.c:1727 #, c-format msgid "could not create socket: %s\n" -msgstr "n'a pas pu crer la socket : %s\n" +msgstr "n'a pas pu créer la socket : %s\n" #: fe-connect.c:1749 #, c-format @@ -210,21 +210,21 @@ msgstr "n'a pas pu activer le mode non-bloquant pour la socket : %s\n" #: fe-connect.c:1760 #, c-format msgid "could not set socket to close-on-exec mode: %s\n" -msgstr "n'a pas pu paramtrer la socket en mode close-on-exec : %s\n" +msgstr "n'a pas pu paramétrer la socket en mode close-on-exec : %s\n" #: fe-connect.c:1779 msgid "keepalives parameter must be an integer\n" -msgstr "le paramtre keepalives doit tre un entier\n" +msgstr "le paramètre keepalives doit être un entier\n" #: fe-connect.c:1792 #, c-format msgid "setsockopt(SO_KEEPALIVE) failed: %s\n" -msgstr "setsockopt(SO_KEEPALIVE) a chou : %s\n" +msgstr "setsockopt(SO_KEEPALIVE) a échoué : %s\n" #: fe-connect.c:1929 #, c-format msgid "could not get socket error status: %s\n" -msgstr "n'a pas pu dterminer le statut d'erreur de la socket : %s\n" +msgstr "n'a pas pu déterminer le statut d'erreur de la socket : %s\n" #: fe-connect.c:1963 #, c-format @@ -233,7 +233,7 @@ msgstr "n'a pas pu obtenir l'adresse du client depuis la socket : %s\n" #: fe-connect.c:2005 msgid "requirepeer parameter is not supported on this platform\n" -msgstr "le paramtre requirepeer n'est pas support sur cette plateforme\n" +msgstr "le paramètre requirepeer n'est pas supporté sur cette plateforme\n" #: fe-connect.c:2008 #, c-format @@ -243,199 +243,199 @@ msgstr "n'a pas pu obtenir l'authentification de l'autre : %s\n" #: fe-connect.c:2031 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" -msgstr "requirepeer indique %s mais le nom de l'utilisateur rel est %s \n" +msgstr "requirepeer indique « %s » mais le nom de l'utilisateur réel est « %s »\n" #: fe-connect.c:2065 #, c-format msgid "could not send SSL negotiation packet: %s\n" -msgstr "n'a pas pu transmettre le paquet de ngociation SSL : %s\n" +msgstr "n'a pas pu transmettre le paquet de négociation SSL : %s\n" #: fe-connect.c:2104 #, c-format msgid "could not send startup packet: %s\n" -msgstr "n'a pas pu transmettre le paquet de dmarrage : %s\n" +msgstr "n'a pas pu transmettre le paquet de démarrage : %s\n" #: fe-connect.c:2174 msgid "server does not support SSL, but SSL was required\n" -msgstr "le serveur ne supporte pas SSL alors que SSL tait rclam\n" +msgstr "le serveur ne supporte pas SSL alors que SSL était réclamé\n" #: fe-connect.c:2200 #, c-format msgid "received invalid response to SSL negotiation: %c\n" -msgstr "a reu une rponse invalide la ngociation SSL : %c\n" +msgstr "a reçu une réponse invalide à la négociation SSL : %c\n" #: fe-connect.c:2275 fe-connect.c:2308 #, c-format msgid "expected authentication request from server, but received %c\n" msgstr "" -"attendait une requte d'authentification en provenance du serveur, mais a\n" -" reu %c\n" +"attendait une requête d'authentification en provenance du serveur, mais a\n" +" reçu %c\n" #: fe-connect.c:2475 #, c-format msgid "out of memory allocating GSSAPI buffer (%d)" -msgstr "mmoire puise lors de l'allocation du tampon GSSAPI (%d)" +msgstr "mémoire épuisée lors de l'allocation du tampon GSSAPI (%d)" #: fe-connect.c:2560 msgid "unexpected message from server during startup\n" -msgstr "message inattendu du serveur lors du dmarrage\n" +msgstr "message inattendu du serveur lors du démarrage\n" #: fe-connect.c:2654 #, c-format msgid "invalid connection state %d, probably indicative of memory corruption\n" msgstr "" -"tat de connexion invalide (%d), indiquant probablement une corruption de\n" -" mmoire\n" +"état de connexion invalide (%d), indiquant probablement une corruption de\n" +" mémoire\n" #: fe-connect.c:3090 fe-connect.c:3150 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" -msgstr "chec de PGEventProc %s lors de l'vnement PGEVT_CONNRESET\n" +msgstr "échec de PGEventProc « %s » lors de l'événement PGEVT_CONNRESET\n" #: fe-connect.c:3497 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" -msgstr "URL LDAP %s invalide : le schma doit tre ldap://\n" +msgstr "URL LDAP « %s » invalide : le schéma doit être ldap://\n" #: fe-connect.c:3512 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" -msgstr "URL LDAP %s invalide : le distinguished name manque\n" +msgstr "URL LDAP « %s » invalide : le « distinguished name » manque\n" #: fe-connect.c:3523 fe-connect.c:3576 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" -msgstr "URL LDAP %s invalide : doit avoir exactement un attribut\n" +msgstr "URL LDAP « %s » invalide : doit avoir exactement un attribut\n" #: fe-connect.c:3533 fe-connect.c:3590 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" -msgstr "URL LDAP %s invalide : doit avoir une chelle de recherche (base/un/sous)\n" +msgstr "URL LDAP « %s » invalide : doit avoir une échelle de recherche (base/un/sous)\n" #: fe-connect.c:3544 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" -msgstr "URL LDAP %s invalide : aucun filtre\n" +msgstr "URL LDAP « %s » invalide : aucun filtre\n" #: fe-connect.c:3565 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" -msgstr "URL LDAP %s invalide : numro de port invalide\n" +msgstr "URL LDAP « %s » invalide : numéro de port invalide\n" #: fe-connect.c:3599 msgid "could not create LDAP structure\n" -msgstr "n'a pas pu crer la structure LDAP\n" +msgstr "n'a pas pu créer la structure LDAP\n" #: fe-connect.c:3675 #, c-format msgid "lookup on LDAP server failed: %s\n" -msgstr "chec de la recherche sur le serveur LDAP : %s\n" +msgstr "échec de la recherche sur le serveur LDAP : %s\n" #: fe-connect.c:3686 msgid "more than one entry found on LDAP lookup\n" -msgstr "plusieurs entres trouves pendant la recherche LDAP\n" +msgstr "plusieurs entrées trouvées pendant la recherche LDAP\n" #: fe-connect.c:3687 fe-connect.c:3699 msgid "no entry found on LDAP lookup\n" -msgstr "aucune entre trouve pendant la recherche LDAP\n" +msgstr "aucune entrée trouvée pendant la recherche LDAP\n" #: fe-connect.c:3710 fe-connect.c:3723 msgid "attribute has no values on LDAP lookup\n" -msgstr "l'attribut n'a pas de valeur aprs la recherche LDAP\n" +msgstr "l'attribut n'a pas de valeur après la recherche LDAP\n" #: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" -msgstr " = manquant aprs %s dans la chane des paramtres de connexion\n" +msgstr "« = » manquant après « %s » dans la chaîne des paramètres de connexion\n" #: fe-connect.c:3867 fe-connect.c:4494 fe-connect.c:5208 #, c-format msgid "invalid connection option \"%s\"\n" -msgstr "option de connexion %s invalide\n" +msgstr "option de connexion « %s » invalide\n" #: fe-connect.c:3883 fe-connect.c:4362 msgid "unterminated quoted string in connection info string\n" -msgstr "guillemets non referms dans la chane des paramtres de connexion\n" +msgstr "guillemets non refermés dans la chaîne des paramètres de connexion\n" #: fe-connect.c:3923 msgid "could not get home directory to locate service definition file" msgstr "" -"n'a pas pu obtenir le rpertoire personnel pour trouver le certificat de\n" -"dfinition du service" +"n'a pas pu obtenir le répertoire personnel pour trouver le certificat de\n" +"définition du service" #: fe-connect.c:3956 #, c-format msgid "definition of service \"%s\" not found\n" -msgstr "dfinition du service %s introuvable\n" +msgstr "définition du service « %s » introuvable\n" #: fe-connect.c:3979 #, c-format msgid "service file \"%s\" not found\n" -msgstr "fichier de service %s introuvable\n" +msgstr "fichier de service « %s » introuvable\n" #: fe-connect.c:3992 #, c-format msgid "line %d too long in service file \"%s\"\n" -msgstr "ligne %d trop longue dans le fichier service %s \n" +msgstr "ligne %d trop longue dans le fichier service « %s »\n" #: fe-connect.c:4063 fe-connect.c:4107 #, c-format msgid "syntax error in service file \"%s\", line %d\n" -msgstr "erreur de syntaxe dans le fichier service %s , ligne %d\n" +msgstr "erreur de syntaxe dans le fichier service « %s », ligne %d\n" #: fe-connect.c:4074 #, c-format msgid "nested service specifications not supported in service file \"%s\", line %d\n" -msgstr "spcifications imbriques de service non supportes dans le fichier service %s , ligne %d\n" +msgstr "spécifications imbriquées de service non supportées dans le fichier service « %s », ligne %d\n" #: fe-connect.c:4752 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" -msgstr "URI invalide propage la routine d'analyse interne : %s \n" +msgstr "URI invalide propagée à la routine d'analyse interne : « %s »\n" #: fe-connect.c:4822 #, c-format msgid "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n" msgstr "" -"fin de chane atteinte lors de la recherche du ] correspondant dans\n" -"l'adresse IPv6 de l'hte indique dans l'URI : %s \n" +"fin de chaîne atteinte lors de la recherche du « ] » correspondant dans\n" +"l'adresse IPv6 de l'hôte indiquée dans l'URI : « %s »\n" #: fe-connect.c:4829 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" -msgstr "l'adresse IPv6 de l'hte ne peut pas tre vide dans l'URI : %s \n" +msgstr "l'adresse IPv6 de l'hôte ne peut pas être vide dans l'URI : « %s »\n" #: fe-connect.c:4844 #, c-format msgid "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n" msgstr "" -"caractre %c inattendu la position %d de l'URI (caractre : ou\n" -" / attendu) : %s \n" +"caractère « %c » inattendu à la position %d de l'URI (caractère « : » ou\n" +"« / » attendu) : « %s »\n" #: fe-connect.c:4958 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "sparateur = de cl/valeur en trop dans le paramtre de requte URI : %s \n" +msgstr "séparateur « = » de clé/valeur en trop dans le paramètre de requête URI : « %s »\n" #: fe-connect.c:4978 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "sparateur = de cl/valeur manquant dans le paramtre de requte URI : %s \n" +msgstr "séparateur « = » de clé/valeur manquant dans le paramètre de requête URI : « %s »\n" #: fe-connect.c:5029 #, c-format msgid "invalid URI query parameter: \"%s\"\n" -msgstr "paramtre de la requte URI invalide : %s \n" +msgstr "paramètre de la requête URI invalide : « %s »\n" #: fe-connect.c:5103 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" -msgstr "jeton encod en pourcentage invalide : %s \n" +msgstr "jeton encodé en pourcentage invalide : « %s »\n" #: fe-connect.c:5113 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" -msgstr "valeur %%00 interdite dans la valeur code en pourcentage : %s \n" +msgstr "valeur %%00 interdite dans la valeur codée en pourcentage : « %s »\n" #: fe-connect.c:5447 msgid "connection pointer is NULL\n" @@ -444,20 +444,20 @@ msgstr "le pointeur de connexion est NULL\n" #: fe-connect.c:5745 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" -msgstr "ATTENTION : le fichier de mots de passe %s n'est pas un fichier texte\n" +msgstr "ATTENTION : le fichier de mots de passe « %s » n'est pas un fichier texte\n" #: fe-connect.c:5754 #, c-format msgid "WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "" -"ATTENTION : le fichier de mots de passe %s a des droits d'accs en\n" -"lecture pour le groupe ou universel ; les droits devraient tre u=rw (0600)\n" -"ou infrieur\n" +"ATTENTION : le fichier de mots de passe « %s » a des droits d'accès en\n" +"lecture pour le groupe ou universel ; les droits devraient être u=rw (0600)\n" +"ou inférieur\n" #: fe-connect.c:5860 #, c-format msgid "password retrieved from file \"%s\"\n" -msgstr "mot de passe rcupr dans le fichier fichier %s \n" +msgstr "mot de passe récupéré dans le fichier fichier « %s »\n" #: fe-exec.c:826 msgid "NOTICE" @@ -465,11 +465,11 @@ msgstr "NOTICE" #: fe-exec.c:1123 fe-exec.c:1181 fe-exec.c:1227 msgid "command string is a null pointer\n" -msgstr "la chane de commande est un pointeur nul\n" +msgstr "la chaîne de commande est un pointeur nul\n" #: fe-exec.c:1187 fe-exec.c:1233 fe-exec.c:1328 msgid "number of parameters must be between 0 and 65535\n" -msgstr "le nombre de paramtres doit tre compris entre 0 et 65535\n" +msgstr "le nombre de paramètres doit être compris entre 0 et 65535\n" #: fe-exec.c:1221 fe-exec.c:1322 msgid "statement name is a null pointer\n" @@ -477,7 +477,7 @@ msgstr "le nom de l'instruction est un pointeur nul\n" #: fe-exec.c:1241 fe-exec.c:1405 fe-exec.c:2123 fe-exec.c:2322 msgid "function requires at least protocol version 3.0\n" -msgstr "la fonction ncessite au minimum le protocole 3.0\n" +msgstr "la fonction nécessite au minimum le protocole 3.0\n" #: fe-exec.c:1359 msgid "no connection to the server\n" @@ -485,11 +485,11 @@ msgstr "aucune connexion au serveur\n" #: fe-exec.c:1366 msgid "another command is already in progress\n" -msgstr "une autre commande est dj en cours\n" +msgstr "une autre commande est déjà en cours\n" #: fe-exec.c:1481 msgid "length must be given for binary parameter\n" -msgstr "la longueur doit tre indique pour les paramtres binaires\n" +msgstr "la longueur doit être indiquée pour les paramètres binaires\n" #: fe-exec.c:1753 #, c-format @@ -499,23 +499,23 @@ msgstr "asyncStatus inattendu : %d\n" #: fe-exec.c:1773 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" -msgstr "chec de PGEventProc %s lors de l'vnement PGEVT_RESULTCREATE\n" +msgstr "échec de PGEventProc « %s » lors de l'événement PGEVT_RESULTCREATE\n" #: fe-exec.c:1933 msgid "COPY terminated by new PQexec" -msgstr "COPY termin par un nouveau PQexec" +msgstr "COPY terminé par un nouveau PQexec" #: fe-exec.c:1941 msgid "COPY IN state must be terminated first\n" -msgstr "l'tat COPY IN doit d'abord tre termin\n" +msgstr "l'état COPY IN doit d'abord être terminé\n" #: fe-exec.c:1961 msgid "COPY OUT state must be terminated first\n" -msgstr "l'tat COPY OUT doit d'abord tre termin\n" +msgstr "l'état COPY OUT doit d'abord être terminé\n" #: fe-exec.c:1969 msgid "PQexec not allowed during COPY BOTH\n" -msgstr "PQexec non autoris pendant COPY BOTH\n" +msgstr "PQexec non autorisé pendant COPY BOTH\n" #: fe-exec.c:2212 fe-exec.c:2279 fe-exec.c:2369 fe-protocol2.c:1352 #: fe-protocol3.c:1817 @@ -524,7 +524,7 @@ msgstr "aucun COPY en cours\n" #: fe-exec.c:2559 msgid "connection in wrong state\n" -msgstr "connexion dans un tat erron\n" +msgstr "connexion dans un état erroné\n" #: fe-exec.c:2590 msgid "invalid ExecStatusType code" @@ -532,126 +532,126 @@ msgstr "code ExecStatusType invalide" #: fe-exec.c:2617 msgid "PGresult is not an error result\n" -msgstr "PGresult n'est pas un rsultat d'erreur\n" +msgstr "PGresult n'est pas un résultat d'erreur\n" #: fe-exec.c:2692 fe-exec.c:2715 #, c-format msgid "column number %d is out of range 0..%d" -msgstr "le numro de colonne %d est en dehors des limites 0..%d" +msgstr "le numéro de colonne %d est en dehors des limites 0..%d" #: fe-exec.c:2708 #, c-format msgid "row number %d is out of range 0..%d" -msgstr "le numro de ligne %d est en dehors des limites 0..%d" +msgstr "le numéro de ligne %d est en dehors des limites 0..%d" #: fe-exec.c:2730 #, c-format msgid "parameter number %d is out of range 0..%d" -msgstr "le numro de paramtre %d est en dehors des limites 0..%d" +msgstr "le numéro de paramètre %d est en dehors des limites 0..%d" #: fe-exec.c:3040 #, c-format msgid "could not interpret result from server: %s" -msgstr "n'a pas pu interprter la rponse du serveur : %s" +msgstr "n'a pas pu interpréter la réponse du serveur : %s" #: fe-exec.c:3279 fe-exec.c:3363 msgid "incomplete multibyte character\n" -msgstr "caractre multi-octet incomplet\n" +msgstr "caractère multi-octet incomplet\n" #: fe-lobj.c:155 msgid "cannot determine OID of function lo_truncate\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_truncate\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_truncate\n" #: fe-lobj.c:171 msgid "argument of lo_truncate exceeds integer range\n" -msgstr "l'argument de lo_truncate dpasse l'chelle des entiers\n" +msgstr "l'argument de lo_truncate dépasse l'échelle des entiers\n" #: fe-lobj.c:222 msgid "cannot determine OID of function lo_truncate64\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_truncate64\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_truncate64\n" #: fe-lobj.c:280 msgid "argument of lo_read exceeds integer range\n" -msgstr "l'argument de lo_read dpasse l'chelle des entiers\n" +msgstr "l'argument de lo_read dépasse l'échelle des entiers\n" #: fe-lobj.c:335 msgid "argument of lo_write exceeds integer range\n" -msgstr "l'argument de lo_write dpasse l'chelle des entiers\n" +msgstr "l'argument de lo_write dépasse l'échelle des entiers\n" #: fe-lobj.c:426 msgid "cannot determine OID of function lo_lseek64\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_lseek64\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_lseek64\n" #: fe-lobj.c:522 msgid "cannot determine OID of function lo_create\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_create\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_create\n" #: fe-lobj.c:601 msgid "cannot determine OID of function lo_tell64\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_tell64\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_tell64\n" #: fe-lobj.c:707 fe-lobj.c:816 #, c-format msgid "could not open file \"%s\": %s\n" -msgstr "n'a pas pu ouvrir le fichier %s : %s\n" +msgstr "n'a pas pu ouvrir le fichier « %s » : %s\n" #: fe-lobj.c:762 #, c-format msgid "could not read from file \"%s\": %s\n" -msgstr "n'a pas pu lire le fichier %s : %s\n" +msgstr "n'a pas pu lire le fichier « %s » : %s\n" #: fe-lobj.c:836 fe-lobj.c:860 #, c-format msgid "could not write to file \"%s\": %s\n" -msgstr "n'a pas pu crire dans le fichier %s : %s\n" +msgstr "n'a pas pu écrire dans le fichier « %s » : %s\n" #: fe-lobj.c:947 msgid "query to initialize large object functions did not return data\n" msgstr "" -"la requte d'initialisation des fonctions pour Larges Objects ne renvoie\n" -"pas de donnes\n" +"la requête d'initialisation des fonctions pour « Larges Objects » ne renvoie\n" +"pas de données\n" #: fe-lobj.c:996 msgid "cannot determine OID of function lo_open\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_open\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_open\n" #: fe-lobj.c:1003 msgid "cannot determine OID of function lo_close\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_close\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_close\n" #: fe-lobj.c:1010 msgid "cannot determine OID of function lo_creat\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_creat\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_creat\n" #: fe-lobj.c:1017 msgid "cannot determine OID of function lo_unlink\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_unlink\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_unlink\n" #: fe-lobj.c:1024 msgid "cannot determine OID of function lo_lseek\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_lseek\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_lseek\n" #: fe-lobj.c:1031 msgid "cannot determine OID of function lo_tell\n" -msgstr "ne peut pas dterminer l'OID de la fonction lo_tell\n" +msgstr "ne peut pas déterminer l'OID de la fonction lo_tell\n" #: fe-lobj.c:1038 msgid "cannot determine OID of function loread\n" -msgstr "ne peut pas dterminer l'OID de la fonction loread\n" +msgstr "ne peut pas déterminer l'OID de la fonction loread\n" #: fe-lobj.c:1045 msgid "cannot determine OID of function lowrite\n" -msgstr "ne peut pas dterminer l'OID de la fonction lowrite\n" +msgstr "ne peut pas déterminer l'OID de la fonction lowrite\n" #: fe-misc.c:295 #, c-format msgid "integer of size %lu not supported by pqGetInt" -msgstr "entier de taille %lu non support par pqGetInt" +msgstr "entier de taille %lu non supporté par pqGetInt" #: fe-misc.c:331 #, c-format msgid "integer of size %lu not supported by pqPutInt" -msgstr "entier de taille %lu non support par pqPutInt" +msgstr "entier de taille %lu non supporté par pqPutInt" #: fe-misc.c:642 fe-misc.c:843 msgid "connection not open\n" @@ -664,13 +664,13 @@ msgid "" "\tThis probably means the server terminated abnormally\n" "\tbefore or while processing the request.\n" msgstr "" -"la connexion au serveur a t coupe de faon inattendue\n" -"\tLe serveur s'est peut-tre arrt anormalement avant ou durant le\n" -"\ttraitement de la requte.\n" +"la connexion au serveur a été coupée de façon inattendue\n" +"\tLe serveur s'est peut-être arrêté anormalement avant ou durant le\n" +"\ttraitement de la requête.\n" #: fe-misc.c:1016 msgid "timeout expired\n" -msgstr "le dlai est dpass\n" +msgstr "le délai est dépassé\n" #: fe-misc.c:1061 msgid "invalid socket\n" @@ -679,58 +679,58 @@ msgstr "socket invalide\n" #: fe-misc.c:1084 #, c-format msgid "select() failed: %s\n" -msgstr "chec de select() : %s\n" +msgstr "échec de select() : %s\n" #: fe-protocol2.c:91 #, c-format msgid "invalid setenv state %c, probably indicative of memory corruption\n" -msgstr "tat setenv %c invalide, indiquant probablement une corruption de la mmoire\n" +msgstr "état setenv %c invalide, indiquant probablement une corruption de la mémoire\n" #: fe-protocol2.c:390 #, c-format msgid "invalid state %c, probably indicative of memory corruption\n" -msgstr "tat %c invalide, indiquant probablement une corruption de la mmoire\n" +msgstr "état %c invalide, indiquant probablement une corruption de la mémoire\n" #: fe-protocol2.c:479 fe-protocol3.c:186 #, c-format msgid "message type 0x%02x arrived from server while idle" -msgstr "le message de type 0x%02x est arriv alors que le serveur tait en attente" +msgstr "le message de type 0x%02x est arrivé alors que le serveur était en attente" #: fe-protocol2.c:503 fe-protocol2.c:538 fe-protocol2.c:1049 fe-protocol3.c:209 #: fe-protocol3.c:236 fe-protocol3.c:253 fe-protocol3.c:333 fe-protocol3.c:728 #: fe-protocol3.c:951 msgid "out of memory" -msgstr "mmoire puise" +msgstr "mémoire épuisée" #: fe-protocol2.c:529 #, c-format msgid "unexpected character %c following empty query response (\"I\" message)" msgstr "" -"caractre %c inattendu la suite d'une rponse de requte vide (message\n" -" I )" +"caractère %c inattendu à la suite d'une réponse de requête vide (message\n" +"« I »)" #: fe-protocol2.c:595 #, c-format msgid "server sent data (\"D\" message) without prior row description (\"T\" message)" msgstr "" -"le serveur a envoy des donnes (message D ) sans description pralable\n" -"de la ligne (message T )" +"le serveur a envoyé des données (message « D ») sans description préalable\n" +"de la ligne (message « T »)" #: fe-protocol2.c:613 #, c-format msgid "server sent binary data (\"B\" message) without prior row description (\"T\" message)" msgstr "" -"le serveur a envoy des donnes binaires (message B ) sans description\n" -"pralable de la ligne (message T )" +"le serveur a envoyé des données binaires (message « B ») sans description\n" +"préalable de la ligne (message « T »)" #: fe-protocol2.c:633 fe-protocol3.c:412 #, c-format msgid "unexpected response from server; first received character was \"%c\"\n" -msgstr "rponse inattendue du serveur, le premier caractre reu tant %c \n" +msgstr "réponse inattendue du serveur, le premier caractère reçu étant « %c »\n" #: fe-protocol2.c:762 fe-protocol2.c:937 fe-protocol3.c:627 fe-protocol3.c:854 msgid "out of memory for query result" -msgstr "mmoire puise pour le rsultat de la requte" +msgstr "mémoire épuisée pour le résultat de la requête" #: fe-protocol2.c:1395 fe-protocol3.c:1886 #, c-format @@ -740,7 +740,7 @@ msgstr "%s" #: fe-protocol2.c:1407 #, c-format msgid "lost synchronization with server, resetting connection" -msgstr "synchronisation perdue avec le serveur, rinitialisation de la connexion" +msgstr "synchronisation perdue avec le serveur, réinitialisation de la connexion" #: fe-protocol2.c:1541 fe-protocol2.c:1573 fe-protocol3.c:2089 #, c-format @@ -750,46 +750,46 @@ msgstr "erreur de protocole : id=0x%x\n" #: fe-protocol3.c:368 msgid "server sent data (\"D\" message) without prior row description (\"T\" message)\n" msgstr "" -"le serveur a envoy des donnes (message D ) sans description pralable\n" -"de la ligne (message T )\n" +"le serveur a envoyé des données (message « D ») sans description préalable\n" +"de la ligne (message « T »)\n" #: fe-protocol3.c:433 #, c-format msgid "message contents do not agree with length in message type \"%c\"\n" msgstr "" "le contenu du message ne correspond pas avec la longueur du type de message\n" -" %c \n" +"« %c »\n" #: fe-protocol3.c:454 #, c-format msgid "lost synchronization with server: got message type \"%c\", length %d\n" msgstr "" -"synchronisation perdue avec le serveur : a reu le type de message %c ,\n" +"synchronisation perdue avec le serveur : a reçu le type de message « %c »,\n" "longueur %d\n" #: fe-protocol3.c:505 fe-protocol3.c:545 msgid "insufficient data in \"T\" message" -msgstr "donnes insuffisantes dans le message T " +msgstr "données insuffisantes dans le message « T »" #: fe-protocol3.c:578 msgid "extraneous data in \"T\" message" -msgstr "donnes supplmentaires dans le message T " +msgstr "données supplémentaires dans le message « T »" #: fe-protocol3.c:691 msgid "extraneous data in \"t\" message" -msgstr "donnes supplmentaires dans le message t " +msgstr "données supplémentaires dans le message « t »" #: fe-protocol3.c:762 fe-protocol3.c:794 fe-protocol3.c:812 msgid "insufficient data in \"D\" message" -msgstr "donnes insuffisantes dans le message D " +msgstr "données insuffisantes dans le message « D »" #: fe-protocol3.c:768 msgid "unexpected field count in \"D\" message" -msgstr "nombre de champs inattendu dans le message D " +msgstr "nombre de champs inattendu dans le message « D »" #: fe-protocol3.c:821 msgid "extraneous data in \"D\" message" -msgstr "donnes supplmentaires dans le message D " +msgstr "données supplémentaires dans le message « D »" #: fe-protocol3.c:1005 msgid "no error message available\n" @@ -799,12 +799,12 @@ msgstr "aucun message d'erreur disponible\n" #: fe-protocol3.c:1035 fe-protocol3.c:1054 #, c-format msgid " at character %s" -msgstr " au caractre %s" +msgstr " au caractère %s" #: fe-protocol3.c:1067 #, c-format msgid "DETAIL: %s\n" -msgstr "DTAIL : %s\n" +msgstr "DÉTAIL : %s\n" #: fe-protocol3.c:1070 #, c-format @@ -814,7 +814,7 @@ msgstr "ASTUCE : %s\n" #: fe-protocol3.c:1073 #, c-format msgid "QUERY: %s\n" -msgstr "REQUTE : %s\n" +msgstr "REQUÊTE : %s\n" #: fe-protocol3.c:1080 #, c-format @@ -824,7 +824,7 @@ msgstr "CONTEXTE : %s\n" #: fe-protocol3.c:1089 #, c-format msgid "SCHEMA NAME: %s\n" -msgstr "NOM DE SCHMA : %s\n" +msgstr "NOM DE SCHÉMA : %s\n" #: fe-protocol3.c:1093 #, c-format @@ -839,7 +839,7 @@ msgstr "NOM DE COLONNE : %s\n" #: fe-protocol3.c:1101 #, c-format msgid "DATATYPE NAME: %s\n" -msgstr "NOM DU TYPE DE DONNES : %s\n" +msgstr "NOM DU TYPE DE DONNÉES : %s\n" #: fe-protocol3.c:1105 #, c-format @@ -867,17 +867,17 @@ msgstr "LIGNE %d : " #: fe-protocol3.c:1711 msgid "PQgetline: not doing text COPY OUT\n" -msgstr "PQgetline : ne va pas raliser un COPY OUT au format texte\n" +msgstr "PQgetline : ne va pas réaliser un COPY OUT au format texte\n" #: fe-secure-openssl.c:146 fe-secure-openssl.c:1030 fe-secure-openssl.c:1250 #, c-format msgid "could not acquire mutex: %s\n" -msgstr "n'a pas pu acqurir le mutex : %s\n" +msgstr "n'a pas pu acquérir le mutex : %s\n" #: fe-secure-openssl.c:158 #, c-format msgid "could not establish SSL connection: %s\n" -msgstr "n'a pas pu tablir la connexion SSL : %s\n" +msgstr "n'a pas pu établir la connexion SSL : %s\n" #: fe-secure-openssl.c:275 fe-secure-openssl.c:384 fe-secure-openssl.c:1376 #, c-format @@ -886,7 +886,7 @@ msgstr "erreur SYSCALL SSL : %s\n" #: fe-secure-openssl.c:282 fe-secure-openssl.c:391 fe-secure-openssl.c:1380 msgid "SSL SYSCALL error: EOF detected\n" -msgstr "erreur SYSCALL SSL : EOF dtect\n" +msgstr "erreur SYSCALL SSL : EOF détecté\n" #: fe-secure-openssl.c:293 fe-secure-openssl.c:402 fe-secure-openssl.c:1389 #, c-format @@ -895,7 +895,7 @@ msgstr "erreur SSL : %s\n" #: fe-secure-openssl.c:308 fe-secure-openssl.c:417 msgid "SSL connection has been closed unexpectedly\n" -msgstr "la connexion SSL a t ferme de faon inattendu\n" +msgstr "la connexion SSL a été fermée de façon inattendu\n" #: fe-secure-openssl.c:314 fe-secure-openssl.c:423 fe-secure-openssl.c:1398 #, c-format @@ -904,7 +904,7 @@ msgstr "code d'erreur SSL inconnu : %d\n" #: fe-secure-openssl.c:535 msgid "SSL certificate's name entry is missing\n" -msgstr "l'entre du nom du certificat SSL est manquante\n" +msgstr "l'entrée du nom du certificat SSL est manquante\n" #: fe-secure-openssl.c:565 msgid "SSL certificate's name contains embedded null\n" @@ -912,92 +912,92 @@ msgstr "le nom du certificat SSL contient des NULL\n" #: fe-secure-openssl.c:616 msgid "host name must be specified for a verified SSL connection\n" -msgstr "le nom d'hte doit tre prcis pour une connexion SSL vrifie\n" +msgstr "le nom d'hôte doit être précisé pour une connexion SSL vérifiée\n" #: fe-secure-openssl.c:716 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" -msgstr "le certificat serveur pour %s ne correspond pas au nom d'hte %s \n" +msgstr "le certificat serveur pour « %s » ne correspond pas au nom d'hôte « %s »\n" #: fe-secure-openssl.c:722 msgid "could not get server's host name from server certificate\n" -msgstr "n'a pas pu rcuprer le nom d'hte du serveur partir du certificat serveur\n" +msgstr "n'a pas pu récupérer le nom d'hôte du serveur à partir du certificat serveur\n" #: fe-secure-openssl.c:869 #, c-format msgid "could not create SSL context: %s\n" -msgstr "n'a pas pu crer le contexte SSL : %s\n" +msgstr "n'a pas pu créer le contexte SSL : %s\n" #: fe-secure-openssl.c:1000 #, c-format msgid "could not open certificate file \"%s\": %s\n" -msgstr "n'a pas pu ouvrir le certificat %s : %s\n" +msgstr "n'a pas pu ouvrir le certificat « %s » : %s\n" #: fe-secure-openssl.c:1039 fe-secure-openssl.c:1054 #, c-format msgid "could not read certificate file \"%s\": %s\n" -msgstr "n'a pas pu lire le certificat %s : %s\n" +msgstr "n'a pas pu lire le certificat « %s » : %s\n" #: fe-secure-openssl.c:1109 #, c-format msgid "could not load SSL engine \"%s\": %s\n" -msgstr "n'a pas pu charger le moteur SSL %s : %s\n" +msgstr "n'a pas pu charger le moteur SSL « %s » : %s\n" #: fe-secure-openssl.c:1121 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" -msgstr "n'a pas pu initialiser le moteur SSL %s : %s\n" +msgstr "n'a pas pu initialiser le moteur SSL « %s » : %s\n" #: fe-secure-openssl.c:1137 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" -msgstr "n'a pas pu lire la cl prive SSL %s partir du moteur %s : %s\n" +msgstr "n'a pas pu lire la clé privée SSL « %s » à partir du moteur « %s » : %s\n" #: fe-secure-openssl.c:1151 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" -msgstr "n'a pas pu charger la cl prive SSL %s partir du moteur %s : %s\n" +msgstr "n'a pas pu charger la clé privée SSL « %s » à partir du moteur « %s » : %s\n" #: fe-secure-openssl.c:1188 #, c-format msgid "certificate present, but not private key file \"%s\"\n" -msgstr "le certificat est prsent, mais la cl prive %s est absente\n" +msgstr "le certificat est présent, mais la clé privée « %s » est absente\n" #: fe-secure-openssl.c:1196 #, c-format msgid "private key file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "" -"le fichier de la cl prive %s a des droits d'accs en lecture\n" -"pour le groupe ou universel ; les droits devraient tre u=rw (0600)\n" -"ou infrieur\n" +"le fichier de la clé privée « %s » a des droits d'accès en lecture\n" +"pour le groupe ou universel ; les droits devraient être u=rw (0600)\n" +"ou inférieur\n" #: fe-secure-openssl.c:1207 #, c-format msgid "could not load private key file \"%s\": %s\n" -msgstr "n'a pas pu charger le fichier de cl prive %s : %s\n" +msgstr "n'a pas pu charger le fichier de clé privée « %s » : %s\n" #: fe-secure-openssl.c:1221 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" -msgstr "le certificat ne correspond pas la cl prive %s : %s\n" +msgstr "le certificat ne correspond pas à la clé privée « %s » : %s\n" #: fe-secure-openssl.c:1259 #, c-format msgid "could not read root certificate file \"%s\": %s\n" -msgstr "n'a pas pu lire le certificat racine %s : %s\n" +msgstr "n'a pas pu lire le certificat racine « %s » : %s\n" #: fe-secure-openssl.c:1289 #, c-format msgid "SSL library does not support CRL certificates (file \"%s\")\n" -msgstr "la bibliothque SSL ne supporte pas les certificats CRL (fichier %s )\n" +msgstr "la bibliothèque SSL ne supporte pas les certificats CRL (fichier « %s »)\n" #: fe-secure-openssl.c:1322 msgid "" "could not get home directory to locate root certificate file\n" "Either provide the file or change sslmode to disable server certificate verification.\n" msgstr "" -"n'a pas pu obtenir le rpertoire personnel pour situer le fichier de certificat racine.\n" -"Fournissez le fichier ou modifiez sslmode pour dsactiver la vrification du\n" +"n'a pas pu obtenir le répertoire personnel pour situer le fichier de certificat racine.\n" +"Fournissez le fichier ou modifiez sslmode pour désactiver la vérification du\n" "certificat par le serveur.\n" #: fe-secure-openssl.c:1326 @@ -1006,19 +1006,19 @@ msgid "" "root certificate file \"%s\" does not exist\n" "Either provide the file or change sslmode to disable server certificate verification.\n" msgstr "" -"le fichier de certificat racine %s n'existe pas.\n" -"Fournissez le fichier ou modifiez sslmode pour dsactiver la vrification du\n" +"le fichier de certificat racine « %s » n'existe pas.\n" +"Fournissez le fichier ou modifiez sslmode pour désactiver la vérification du\n" "certificat par le serveur.\n" #: fe-secure-openssl.c:1419 #, c-format msgid "certificate could not be obtained: %s\n" -msgstr "le certificat n'a pas pu tre obtenu : %s\n" +msgstr "le certificat n'a pas pu être obtenu : %s\n" #: fe-secure-openssl.c:1511 #, c-format msgid "no SSL error reported" -msgstr "aucune erreur SSL reporte" +msgstr "aucune erreur SSL reportée" #: fe-secure-openssl.c:1520 #, c-format @@ -1028,12 +1028,12 @@ msgstr "erreur SSL %lu" #: fe-secure.c:261 #, c-format msgid "could not receive data from server: %s\n" -msgstr "n'a pas pu recevoir des donnes depuis le serveur : %s\n" +msgstr "n'a pas pu recevoir des données depuis le serveur : %s\n" #: fe-secure.c:369 #, c-format msgid "could not send data to server: %s\n" -msgstr "n'a pas pu transmettre les donnes au serveur : %s\n" +msgstr "n'a pas pu transmettre les données au serveur : %s\n" #: win32.c:317 #, c-format @@ -1044,35 +1044,35 @@ msgstr "erreur de socket non reconnue : 0x%08X/%d" #~ msgstr "valeur de retour du traitement de la ligne non reconnue" #~ msgid "invalid sslverify value: \"%s\"\n" -#~ msgstr "valeur sslverify invalide : %s \n" +#~ msgstr "valeur sslverify invalide : « %s »\n" #~ msgid "invalid appname state %d, probably indicative of memory corruption\n" -#~ msgstr "tat appname %d invalide, indiquant probablement une corruption de la mmoire\n" +#~ msgstr "état appname %d invalide, indiquant probablement une corruption de la mémoire\n" #~ msgid "could not read private key file \"%s\": %s\n" -#~ msgstr "n'a pas pu lire la cl prive %s : %s\n" +#~ msgstr "n'a pas pu lire la clé privée « %s » : %s\n" #~ msgid "private key file \"%s\" changed during execution\n" -#~ msgstr "la cl prive %s a t modifie durant l'excution\n" +#~ msgstr "la clé privée « %s » a été modifiée durant l'exécution\n" #~ msgid "could not open private key file \"%s\": %s\n" -#~ msgstr "n'a pas pu ouvrir le fichier de cl prive %s : %s\n" +#~ msgstr "n'a pas pu ouvrir le fichier de clé privée « %s » : %s\n" #~ msgid "verified SSL connections are only supported when connecting to a host name\n" #~ msgstr "" -#~ "les connexions SSL vrifies ne sont supportes que lors de la connexion\n" -#~ " un alias hte\n" +#~ "les connexions SSL vérifiées ne sont supportées que lors de la connexion\n" +#~ "à un alias hôte\n" #~ msgid "could not get home directory to locate client certificate files\n" #~ msgstr "" -#~ "n'a pas pu rcuprer le rpertoire personnel pour trouver les certificats\n" +#~ "n'a pas pu récupérer le répertoire personnel pour trouver les certificats\n" #~ "du client\n" #~ msgid "could not restore nonblocking mode on socket: %s\n" -#~ msgstr "n'a pas pu rtablir le mode non-bloquant pour la socket : %s\n" +#~ msgstr "n'a pas pu rétablir le mode non-bloquant pour la socket : %s\n" #~ msgid "Kerberos 5 authentication rejected: %*s\n" -#~ msgstr "authentification Kerberos 5 rejete : %*s\n" +#~ msgstr "authentification Kerberos 5 rejetée : %*s\n" #~ msgid "could not set socket to blocking mode: %s\n" #~ msgstr "n'a pas pu activer le mode bloquant pour la socket : %s\n" diff --git a/src/interfaces/libpq/po/ko.po b/src/interfaces/libpq/po/ko.po index 974ec74f91..43c53cca76 100644 --- a/src/interfaces/libpq/po/ko.po +++ b/src/interfaces/libpq/po/ko.po @@ -3,23 +3,23 @@ # msgid "" msgstr "" -"Project-Id-Version: PostgreSQL 9.5\n" +"Project-Id-Version: PostgreSQL 9.6 libpq\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" -"POT-Creation-Date: 2015-12-23 14:15+0900\n" -"PO-Revision-Date: 2015-12-23 15:01+0900\n" +"POT-Creation-Date: 2016-09-26 14:02+0900\n" +"PO-Revision-Date: 2016-09-26 16:37+0900\n" "Last-Translator: Ioseph Kim <ioseph@uri.sarang.net>\n" "Language-Team: Korean <pgsql-kr@postgresql.kr>\n" +"Language: ko\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Language: ko\n" "Plural-Forms: nplurals=1; plural=0;\n" #: fe-auth.c:148 msgid "GSSAPI continuation error" msgstr "GSSAPI 연속 오류" -#: fe-auth.c:177 fe-auth.c:410 +#: fe-auth.c:177 fe-auth.c:412 msgid "host name must be specified\n" msgstr "호스트 이름을 지정해야 함\n" @@ -27,14 +27,14 @@ msgstr "호스트 이름을 지정해야 함\n" msgid "duplicate GSS authentication request\n" msgstr "중복된 GSS 인증 요청\n" -#: fe-auth.c:197 fe-auth.c:307 fe-auth.c:381 fe-auth.c:416 fe-auth.c:512 -#: fe-auth.c:778 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 -#: fe-connect.c:2091 fe-connect.c:3483 fe-connect.c:3735 fe-connect.c:3854 -#: fe-connect.c:4094 fe-connect.c:4174 fe-connect.c:4273 fe-connect.c:4525 -#: fe-connect.c:4554 fe-connect.c:4626 fe-connect.c:4644 fe-connect.c:4740 -#: fe-connect.c:5074 fe-connect.c:5224 fe-exec.c:3339 fe-exec.c:3504 -#: fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:1613 -#: fe-secure-openssl.c:527 fe-secure-openssl.c:1069 +#: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 +#: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 +#: fe-connect.c:2091 fe-connect.c:3484 fe-connect.c:3736 fe-connect.c:3855 +#: fe-connect.c:4095 fe-connect.c:4175 fe-connect.c:4274 fe-connect.c:4530 +#: fe-connect.c:4559 fe-connect.c:4631 fe-connect.c:4649 fe-connect.c:4745 +#: fe-connect.c:5079 fe-connect.c:5229 fe-exec.c:2652 fe-exec.c:3399 +#: fe-exec.c:3564 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 +#: fe-protocol3.c:1678 fe-secure-openssl.c:552 fe-secure-openssl.c:1094 msgid "out of memory\n" msgstr "메모리 부족\n" @@ -42,54 +42,54 @@ msgstr "메모리 부족\n" msgid "GSSAPI name import error" msgstr "GSSAPI 이름 가져오기 오류" -#: fe-auth.c:296 +#: fe-auth.c:298 msgid "SSPI continuation error" msgstr "SSPI 연속 오류" -#: fe-auth.c:396 +#: fe-auth.c:398 msgid "could not acquire SSPI credentials" msgstr "SSPI 자격 증명을 가져올 수 없음" -#: fe-auth.c:487 +#: fe-auth.c:489 msgid "SCM_CRED authentication method not supported\n" msgstr "SCM_CRED 인증 방법이 지원되지 않음\n" -#: fe-auth.c:563 +#: fe-auth.c:565 msgid "Kerberos 4 authentication not supported\n" msgstr "Kerberos 4 인증 방법이 지원되지 않음\n" -#: fe-auth.c:568 +#: fe-auth.c:570 msgid "Kerberos 5 authentication not supported\n" msgstr "Kerberos 5 인증 방법이 지원되지 않음\n" -#: fe-auth.c:639 +#: fe-auth.c:641 msgid "GSSAPI authentication not supported\n" msgstr "GSSAPI 인증은 지원되지 않음\n" -#: fe-auth.c:671 +#: fe-auth.c:673 msgid "SSPI authentication not supported\n" msgstr "SSPI 인증은 지원되지 않음\n" -#: fe-auth.c:679 +#: fe-auth.c:681 msgid "Crypt authentication not supported\n" msgstr "암호화 인증은 지원되지 않음\n" -#: fe-auth.c:706 +#: fe-auth.c:708 #, c-format msgid "authentication method %u not supported\n" msgstr "%u 인증 방법이 지원되지 않음\n" -#: fe-auth.c:753 +#: fe-auth.c:755 #, c-format msgid "user name lookup failure: error code %lu\n" msgstr "사용자 이름 찾기 실패: 오류 코드 %lu\n" -#: fe-auth.c:763 fe-connect.c:2018 +#: fe-auth.c:765 fe-connect.c:2018 #, c-format msgid "could not look up local user ID %d: %s\n" msgstr "UID %d 해당하는 사용자를 찾을 수 없음: %s\n" -#: fe-auth.c:768 fe-connect.c:2023 +#: fe-auth.c:770 fe-connect.c:2023 #, c-format msgid "local user with ID %d does not exist\n" msgstr "ID %d 로컬 사용자 없음\n" @@ -167,7 +167,7 @@ msgstr "setsockopt(TCP_KEEPCNT) 실패: %s\n" #: fe-connect.c:1374 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" -msgstr "" +msgstr "WSAIoctl(SIO_KEEPALIVE_VALS) 실패: %ui\n" #: fe-connect.c:1426 #, c-format @@ -177,7 +177,7 @@ msgstr "잘못된 포트 번호: \"%s\"\n" #: fe-connect.c:1459 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" -msgstr "" +msgstr "\"%s\" 유닉스 도메인 소켓 경로가 너무 깁니다 (최대 %d 바이트)\n" #: fe-connect.c:1478 #, c-format @@ -239,7 +239,7 @@ msgstr "신뢰성 피어를 얻을 수 없습니다: %s\n" #: fe-connect.c:2031 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" -msgstr "" +msgstr "\"%s\" 이름으로 requirepeer를 지정했지만, 실재 사용자 이름은 \"%s\" 입니다\n" #: fe-connect.c:2065 #, c-format @@ -279,165 +279,168 @@ msgstr "시작하는 동안 서버로부터 기대되지 않는 메시지\n" msgid "invalid connection state %d, probably indicative of memory corruption\n" msgstr "잘못된 연결 상태 %d, 메모리 손상일 가능성이 큼\n" -#: fe-connect.c:3089 fe-connect.c:3149 +#: fe-connect.c:3090 fe-connect.c:3150 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" msgstr "PGEVT_CONNRESET 이벤트 동안 PGEventProc \"%s\"이(가) 실패함\n" -#: fe-connect.c:3496 +#: fe-connect.c:3497 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" msgstr "잘못된 LDAP URL \"%s\": 스키마는 ldap:// 여야함\n" -#: fe-connect.c:3511 +#: fe-connect.c:3512 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" msgstr "잘못된 LDAP URL \"%s\": 식별자 이름이 빠졌음\n" -#: fe-connect.c:3522 fe-connect.c:3575 +#: fe-connect.c:3523 fe-connect.c:3576 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" msgstr "잘못된 LDAP URL \"%s\": 단 하나의 속성만 가져야함\n" -#: fe-connect.c:3532 fe-connect.c:3589 +#: fe-connect.c:3533 fe-connect.c:3590 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" msgstr "잘못된 LDAP URL \"%s\": 검색범위(base/one/sub)를 지정해야함\n" -#: fe-connect.c:3543 +#: fe-connect.c:3544 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" msgstr "잘못된 LDAP URL \"%s\": 필터 없음\n" -#: fe-connect.c:3564 +#: fe-connect.c:3565 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" msgstr "잘못된 LDAP URL \"%s\": 포트번호가 잘못됨\n" -#: fe-connect.c:3598 +#: fe-connect.c:3599 msgid "could not create LDAP structure\n" msgstr "LDAP 구조를 만들 수 없음\n" -#: fe-connect.c:3674 +#: fe-connect.c:3675 #, c-format msgid "lookup on LDAP server failed: %s\n" msgstr "LDAP 서버를 찾을 수 없음: %s\n" -#: fe-connect.c:3685 +#: fe-connect.c:3686 msgid "more than one entry found on LDAP lookup\n" msgstr "LDAP 검색에서 하나 이상의 엔트리가 발견되었음\n" -#: fe-connect.c:3686 fe-connect.c:3698 +#: fe-connect.c:3687 fe-connect.c:3699 msgid "no entry found on LDAP lookup\n" msgstr "LDAP 검색에서 해당 항목 없음\n" -#: fe-connect.c:3709 fe-connect.c:3722 +#: fe-connect.c:3710 fe-connect.c:3723 msgid "attribute has no values on LDAP lookup\n" msgstr "LDAP 검색에서 속성의 값이 없음\n" -#: fe-connect.c:3774 fe-connect.c:3793 fe-connect.c:4312 +#: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" msgstr "연결문자열에서 \"%s\" 다음에 \"=\" 문자 빠졌음\n" -#: fe-connect.c:3866 fe-connect.c:4493 fe-connect.c:5207 +#: fe-connect.c:3867 fe-connect.c:4498 fe-connect.c:5212 #, c-format msgid "invalid connection option \"%s\"\n" msgstr "잘못된 연결 옵션 \"%s\"\n" -#: fe-connect.c:3882 fe-connect.c:4361 +#: fe-connect.c:3883 fe-connect.c:4362 msgid "unterminated quoted string in connection info string\n" msgstr "연결문자열에서 완성되지 못한 따옴표문자열이 있음\n" -#: fe-connect.c:3922 +#: fe-connect.c:3923 msgid "could not get home directory to locate service definition file" msgstr "서비스 정의 파일이 있는 홈 디렉토리를 찾을 수 없음" -#: fe-connect.c:3955 +#: fe-connect.c:3956 #, c-format msgid "definition of service \"%s\" not found\n" msgstr "\"%s\" 서비스 정의를 찾을 수 없음\n" -#: fe-connect.c:3978 +#: fe-connect.c:3979 #, c-format msgid "service file \"%s\" not found\n" msgstr "\"%s\" 서비스 파일을 찾을 수 없음\n" -#: fe-connect.c:3991 +#: fe-connect.c:3992 #, c-format msgid "line %d too long in service file \"%s\"\n" msgstr "%d번째 줄이 \"%s\" 서비스 파일에서 너무 깁니다\n" -#: fe-connect.c:4062 fe-connect.c:4106 +#: fe-connect.c:4063 fe-connect.c:4107 #, c-format msgid "syntax error in service file \"%s\", line %d\n" msgstr "\"%s\" 서비스 파일의 %d번째 줄에 구문 오류 있음\n" -#: fe-connect.c:4073 +#: fe-connect.c:4074 #, c-format msgid "" "nested service specifications not supported in service file \"%s\", line %d\n" msgstr "\"%s\" 서비스 파일의 %d번째 줄에 설정을 지원하지 않음\n" -#: fe-connect.c:4751 +#: fe-connect.c:4756 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" msgstr "URI 구문 분석을 할 수 없음: \"%s\"\n" -#: fe-connect.c:4821 +#: fe-connect.c:4826 #, c-format msgid "" "end of string reached when looking for matching \"]\" in IPv6 host address " "in URI: \"%s\"\n" msgstr "" +"URI의 IPv6 호스트 주소에서 \"]\" 매칭 검색을 실패했습니다, 해당 URI: \"%s\"\n" -#: fe-connect.c:4828 +#: fe-connect.c:4833 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" -msgstr "" +msgstr "IPv6 호스트 주소가 없습니다, 해당 URI: \"%s\"\n" -#: fe-connect.c:4843 +#: fe-connect.c:4848 #, c-format msgid "" "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): " "\"%s\"\n" msgstr "" +"잘못된 \"%c\" 문자가 URI 문자열 가운데 %d 번째 있습니다(\":\" 또는 \"/\" 문자가 있어야 함): " +"\"%s\"\n" -#: fe-connect.c:4957 +#: fe-connect.c:4962 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "" +msgstr "키/밸류 구분자 \"=\" 문자가 필요함, 해당 URI 쿼리 매개변수: \"%s\"\n" -#: fe-connect.c:4977 +#: fe-connect.c:4982 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "" +msgstr "키/밸류 구분자 \"=\" 문자가 필요함, 해당 URI 쿼리 매개변수: \"%s\"\n" -#: fe-connect.c:5028 +#: fe-connect.c:5033 #, c-format msgid "invalid URI query parameter: \"%s\"\n" msgstr "잘못된 URL 쿼리 매개변수값: \"%s\"\n" -#: fe-connect.c:5102 +#: fe-connect.c:5107 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" msgstr "잘못된 퍼센트 인코드 토큰: \"%s\"\n" -#: fe-connect.c:5112 +#: fe-connect.c:5117 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" -msgstr "" +msgstr "퍼센트 인코드 값에 %%00 숨김 값이 있음: \"%s\"\n" -#: fe-connect.c:5443 +#: fe-connect.c:5451 msgid "connection pointer is NULL\n" msgstr "연결 포인터가 NULL\n" -#: fe-connect.c:5729 +#: fe-connect.c:5749 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" msgstr "경고: \"%s\" 패스워드 파일이 plain 파일이 아님\n" -#: fe-connect.c:5738 +#: fe-connect.c:5758 #, c-format msgid "" "WARNING: password file \"%s\" has group or world access; permissions should " @@ -446,103 +449,107 @@ msgstr "" "경고: 패스워드 파일 \"%s\"에 그룹 또는 범용 액세스 권한이 있습니다. 권한은 " "u=rw(0600) 이하여야 합니다.\n" -#: fe-connect.c:5844 +#: fe-connect.c:5864 #, c-format msgid "password retrieved from file \"%s\"\n" msgstr "\"%s\" 파일에서 암호를 찾을 수 없음\n" -#: fe-exec.c:825 +#: fe-exec.c:826 msgid "NOTICE" msgstr "알림" -#: fe-exec.c:1122 fe-exec.c:1180 fe-exec.c:1226 +#: fe-exec.c:1141 fe-exec.c:1199 fe-exec.c:1245 msgid "command string is a null pointer\n" msgstr "명령 문자열이 null 포인터\n" -#: fe-exec.c:1186 fe-exec.c:1232 fe-exec.c:1327 +#: fe-exec.c:1205 fe-exec.c:1251 fe-exec.c:1346 msgid "number of parameters must be between 0 and 65535\n" msgstr "매개변수값으로 숫자는 0에서 65535까지만 쓸 수 있음\n" -#: fe-exec.c:1220 fe-exec.c:1321 +#: fe-exec.c:1239 fe-exec.c:1340 msgid "statement name is a null pointer\n" msgstr "실행 구문 이름이 null 포인트(값이 없음)입니다\n" -#: fe-exec.c:1240 fe-exec.c:1404 fe-exec.c:2119 fe-exec.c:2318 +#: fe-exec.c:1259 fe-exec.c:1423 fe-exec.c:2141 fe-exec.c:2340 msgid "function requires at least protocol version 3.0\n" msgstr "함수는 적어도 버전 3의 프로토콜을 요구하고 있습니다\n" -#: fe-exec.c:1358 +#: fe-exec.c:1377 msgid "no connection to the server\n" msgstr "서버에 대한 연결이 없음\n" -#: fe-exec.c:1365 +#: fe-exec.c:1384 msgid "another command is already in progress\n" msgstr "처리 중에 이미 다른 명령이 존재함\n" -#: fe-exec.c:1480 +#: fe-exec.c:1499 msgid "length must be given for binary parameter\n" msgstr "바이너리 자료 매개 변수를 사용할 때는 그 길이를 지정해야 함\n" -#: fe-exec.c:1749 +#: fe-exec.c:1771 #, c-format msgid "unexpected asyncStatus: %d\n" msgstr "기대되지 않은 동기화상태: %d\n" -#: fe-exec.c:1769 +#: fe-exec.c:1791 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" msgstr "PGEVT_RESULTCREATE 이벤트 동안 PGEventProc \"%s\" 실패함\n" -#: fe-exec.c:1929 +#: fe-exec.c:1951 msgid "COPY terminated by new PQexec" msgstr "새 PQexec 호출로 COPY 작업이 중지 되었습니다" -#: fe-exec.c:1937 +#: fe-exec.c:1959 msgid "COPY IN state must be terminated first\n" msgstr "COPY IN 상태가 먼저 끝나야함\n" -#: fe-exec.c:1957 +#: fe-exec.c:1979 msgid "COPY OUT state must be terminated first\n" msgstr "COPY OUT 상태가 먼저 끝나야함\n" -#: fe-exec.c:1965 +#: fe-exec.c:1987 msgid "PQexec not allowed during COPY BOTH\n" msgstr "COPY BOTH 작업 중에는 PQexec 사용할 수 없음\n" -#: fe-exec.c:2208 fe-exec.c:2275 fe-exec.c:2365 fe-protocol2.c:1352 -#: fe-protocol3.c:1752 +#: fe-exec.c:2230 fe-exec.c:2297 fe-exec.c:2387 fe-protocol2.c:1352 +#: fe-protocol3.c:1817 msgid "no COPY in progress\n" msgstr "처리 가운데 COPY가 없음\n" -#: fe-exec.c:2555 +#: fe-exec.c:2577 msgid "connection in wrong state\n" msgstr "잘못된 상태의 연결\n" -#: fe-exec.c:2586 +#: fe-exec.c:2608 msgid "invalid ExecStatusType code" msgstr "잘못된 ExecStatusType 코드" -#: fe-exec.c:2650 fe-exec.c:2673 +#: fe-exec.c:2635 +msgid "PGresult is not an error result\n" +msgstr "PGresult가 오류 결과가 아님\n" + +#: fe-exec.c:2710 fe-exec.c:2733 #, c-format msgid "column number %d is out of range 0..%d" msgstr "%d 번째 열은 0..%d 범위를 벗어났음" -#: fe-exec.c:2666 +#: fe-exec.c:2726 #, c-format msgid "row number %d is out of range 0..%d" msgstr "%d 번째 행(row)은 0..%d 범위를 벗어났음" -#: fe-exec.c:2688 +#: fe-exec.c:2748 #, c-format msgid "parameter number %d is out of range 0..%d" msgstr "%d개의 매개 변수는 0..%d 범위를 벗어났음" -#: fe-exec.c:2998 +#: fe-exec.c:3058 #, c-format msgid "could not interpret result from server: %s" msgstr "서버로부터 결과처리를 중지 시킬 수 없음: %s" -#: fe-exec.c:3237 fe-exec.c:3321 +#: fe-exec.c:3297 fe-exec.c:3381 msgid "incomplete multibyte character\n" msgstr "완성되지 않은 멀티바이트 문자\n" @@ -643,7 +650,7 @@ msgstr "%lu 정수형 크기는 pqPutInt 함수에서 지원하지 않음" msgid "connection not open\n" msgstr "연결 열기 실패\n" -#: fe-misc.c:812 fe-secure-openssl.c:249 fe-secure-openssl.c:355 +#: fe-misc.c:812 fe-secure-openssl.c:271 fe-secure-openssl.c:380 #: fe-secure.c:253 fe-secure.c:362 msgid "" "server closed the connection unexpectedly\n" @@ -659,8 +666,8 @@ msgid "timeout expired\n" msgstr "시간 초과\n" #: fe-misc.c:1061 -msgid "socket not open\n" -msgstr "소캣 열기 실패\n" +msgid "invalid socket\n" +msgstr "잘못된 소켓\n" #: fe-misc.c:1084 #, c-format @@ -684,7 +691,7 @@ msgstr "휴지(idle)동안 서버로 부터 0x%02x 형태 메시지를 받았음 #: fe-protocol2.c:503 fe-protocol2.c:538 fe-protocol2.c:1049 #: fe-protocol3.c:209 fe-protocol3.c:236 fe-protocol3.c:253 fe-protocol3.c:333 -#: fe-protocol3.c:720 fe-protocol3.c:1037 +#: fe-protocol3.c:728 fe-protocol3.c:951 msgid "out of memory" msgstr "메모리 부족" @@ -715,11 +722,11 @@ msgstr "" msgid "unexpected response from server; first received character was \"%c\"\n" msgstr "서버로부터 예상치 못한 응답을 받았음; \"%c\" 문자를 첫문자로 받았음\n" -#: fe-protocol2.c:762 fe-protocol2.c:937 fe-protocol3.c:627 fe-protocol3.c:841 +#: fe-protocol2.c:762 fe-protocol2.c:937 fe-protocol3.c:627 fe-protocol3.c:854 msgid "out of memory for query result" msgstr "쿼리 결과 처리를 위한 메모리 부족" -#: fe-protocol2.c:1395 fe-protocol3.c:1821 +#: fe-protocol2.c:1395 fe-protocol3.c:1886 #, c-format msgid "%s" msgstr "%s" @@ -729,7 +736,7 @@ msgstr "%s" msgid "lost synchronization with server, resetting connection" msgstr "서버와의 동기화가 끊김, 연결을 재 시도함" -#: fe-protocol2.c:1541 fe-protocol2.c:1573 fe-protocol3.c:2024 +#: fe-protocol2.c:1541 fe-protocol2.c:1573 fe-protocol3.c:2089 #, c-format msgid "protocol error: id=0x%x\n" msgstr "프로토콜 오류: id=0x%x\n" @@ -759,93 +766,101 @@ msgstr "\"T\" 메시지 안에 부족자 데이터" msgid "extraneous data in \"T\" message" msgstr "\"T\" 메시지 안에 잘못된 데이터" -#: fe-protocol3.c:749 fe-protocol3.c:781 fe-protocol3.c:799 +#: fe-protocol3.c:691 +msgid "extraneous data in \"t\" message" +msgstr "\"t\" 메시지 안에 잘못된 데이터" + +#: fe-protocol3.c:762 fe-protocol3.c:794 fe-protocol3.c:812 msgid "insufficient data in \"D\" message" msgstr "\"D\" 메시지 안에 불충분한 데이터" -#: fe-protocol3.c:755 +#: fe-protocol3.c:768 msgid "unexpected field count in \"D\" message" msgstr "\"D\" 메시지 안에 예상치 못한 필드 수" -#: fe-protocol3.c:808 +#: fe-protocol3.c:821 msgid "extraneous data in \"D\" message" msgstr "\"D\" 메시지 안에 잘못된 데이터" +#: fe-protocol3.c:1005 +msgid "no error message available\n" +msgstr "보여줄 오류 메시지가 없음\n" + #. translator: %s represents a digit string -#: fe-protocol3.c:940 fe-protocol3.c:959 +#: fe-protocol3.c:1035 fe-protocol3.c:1054 #, c-format msgid " at character %s" msgstr " 위치: %s" -#: fe-protocol3.c:972 +#: fe-protocol3.c:1067 #, c-format msgid "DETAIL: %s\n" msgstr "상세정보: %s\n" -#: fe-protocol3.c:975 +#: fe-protocol3.c:1070 #, c-format msgid "HINT: %s\n" msgstr "힌트: %s\n" -#: fe-protocol3.c:978 +#: fe-protocol3.c:1073 #, c-format msgid "QUERY: %s\n" msgstr "쿼리: %s\n" -#: fe-protocol3.c:981 +#: fe-protocol3.c:1080 #, c-format msgid "CONTEXT: %s\n" msgstr "구문: %s\n" -#: fe-protocol3.c:988 +#: fe-protocol3.c:1089 #, c-format msgid "SCHEMA NAME: %s\n" msgstr "스키마 이름: %s\n" -#: fe-protocol3.c:992 +#: fe-protocol3.c:1093 #, c-format msgid "TABLE NAME: %s\n" msgstr "테이블 이름: %s\n" -#: fe-protocol3.c:996 +#: fe-protocol3.c:1097 #, c-format msgid "COLUMN NAME: %s\n" msgstr "칼럼 이름: %s\n" -#: fe-protocol3.c:1000 +#: fe-protocol3.c:1101 #, c-format msgid "DATATYPE NAME: %s\n" msgstr "자료형 이름: %s\n" -#: fe-protocol3.c:1004 +#: fe-protocol3.c:1105 #, c-format msgid "CONSTRAINT NAME: %s\n" msgstr "제약조건 이름: %s\n" -#: fe-protocol3.c:1016 +#: fe-protocol3.c:1117 msgid "LOCATION: " msgstr "위치: " -#: fe-protocol3.c:1018 +#: fe-protocol3.c:1119 #, c-format msgid "%s, " msgstr "%s, " -#: fe-protocol3.c:1020 +#: fe-protocol3.c:1121 #, c-format msgid "%s:%s" msgstr "%s:%s" -#: fe-protocol3.c:1251 +#: fe-protocol3.c:1316 #, c-format msgid "LINE %d: " msgstr "줄 %d: " -#: fe-protocol3.c:1646 +#: fe-protocol3.c:1711 msgid "PQgetline: not doing text COPY OUT\n" msgstr "PQgetline: text COPY OUT 작업을 할 수 없음\n" -#: fe-secure-openssl.c:146 fe-secure-openssl.c:1006 fe-secure-openssl.c:1226 +#: fe-secure-openssl.c:146 fe-secure-openssl.c:1031 fe-secure-openssl.c:1251 #, c-format msgid "could not acquire mutex: %s\n" msgstr "mutex 취득 실패: %s\n" @@ -855,121 +870,121 @@ msgstr "mutex 취득 실패: %s\n" msgid "could not establish SSL connection: %s\n" msgstr "SSL 연결을 확립할 수 없음: %s\n" -#: fe-secure-openssl.c:254 fe-secure-openssl.c:360 fe-secure-openssl.c:1349 +#: fe-secure-openssl.c:276 fe-secure-openssl.c:385 fe-secure-openssl.c:1377 #, c-format msgid "SSL SYSCALL error: %s\n" msgstr "SSL SYSCALL 오류: %s\n" -#: fe-secure-openssl.c:261 fe-secure-openssl.c:367 fe-secure-openssl.c:1353 +#: fe-secure-openssl.c:283 fe-secure-openssl.c:392 fe-secure-openssl.c:1381 msgid "SSL SYSCALL error: EOF detected\n" msgstr "SSL SYSCALL 오류: EOF 감지됨\n" -#: fe-secure-openssl.c:272 fe-secure-openssl.c:378 fe-secure-openssl.c:1362 +#: fe-secure-openssl.c:294 fe-secure-openssl.c:403 fe-secure-openssl.c:1390 #, c-format msgid "SSL error: %s\n" msgstr "SSL 오류: %s\n" -#: fe-secure-openssl.c:287 fe-secure-openssl.c:393 +#: fe-secure-openssl.c:309 fe-secure-openssl.c:418 msgid "SSL connection has been closed unexpectedly\n" -msgstr "" +msgstr "SSL 연결이 예상치 못하게 끊김\n" -#: fe-secure-openssl.c:293 fe-secure-openssl.c:399 fe-secure-openssl.c:1371 +#: fe-secure-openssl.c:315 fe-secure-openssl.c:424 fe-secure-openssl.c:1399 #, c-format msgid "unrecognized SSL error code: %d\n" msgstr "알 수 없는 SSL 오류 코드: %d\n" -#: fe-secure-openssl.c:511 +#: fe-secure-openssl.c:536 msgid "SSL certificate's name entry is missing\n" msgstr "SSL 인증서의 이름 항목이 잘못됨\n" -#: fe-secure-openssl.c:541 +#: fe-secure-openssl.c:566 msgid "SSL certificate's name contains embedded null\n" msgstr "SSL 인증서의 이름에 null 문자가 있음\n" -#: fe-secure-openssl.c:592 +#: fe-secure-openssl.c:617 msgid "host name must be specified for a verified SSL connection\n" msgstr "인증된 SSL 접속을 위해서는 호스트 이름을 지정해야 함\n" -#: fe-secure-openssl.c:692 +#: fe-secure-openssl.c:717 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" msgstr "" "서버 인증서의 이름 \"%s\"이(가) 호스트 이름 \"%s\"과(와) 일치하지 않음\n" -#: fe-secure-openssl.c:698 +#: fe-secure-openssl.c:723 msgid "could not get server's host name from server certificate\n" msgstr "서버 인증서에서 서버 호스트 이름을 찾을 수 없음\n" -#: fe-secure-openssl.c:845 +#: fe-secure-openssl.c:870 #, c-format msgid "could not create SSL context: %s\n" msgstr "SSL context를 만들 수 없음: %s\n" -#: fe-secure-openssl.c:976 +#: fe-secure-openssl.c:1001 #, c-format msgid "could not open certificate file \"%s\": %s\n" msgstr "\"%s\" 인증서 파일을 열수 없음: %s\n" -#: fe-secure-openssl.c:1015 fe-secure-openssl.c:1030 +#: fe-secure-openssl.c:1040 fe-secure-openssl.c:1055 #, c-format msgid "could not read certificate file \"%s\": %s\n" msgstr "\"%s\" 인증서 파일을 읽을 수 없음: %s\n" -#: fe-secure-openssl.c:1085 +#: fe-secure-openssl.c:1110 #, c-format msgid "could not load SSL engine \"%s\": %s\n" msgstr "SSL 엔진 \"%s\"을(를) 로드할 수 없음: %s\n" -#: fe-secure-openssl.c:1097 +#: fe-secure-openssl.c:1122 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" msgstr "SSL 엔진 \"%s\"을(를) 초기화할 수 없음: %s\n" -#: fe-secure-openssl.c:1113 +#: fe-secure-openssl.c:1138 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "개인 SSL 키 \"%s\"을(를) \"%s\" 엔진에서 읽을 수 없음: %s\n" -#: fe-secure-openssl.c:1127 +#: fe-secure-openssl.c:1152 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "개인 SSL 키 \"%s\"을(를) \"%s\" 엔진에서 읽을 수 없음: %s\n" -#: fe-secure-openssl.c:1164 +#: fe-secure-openssl.c:1189 #, c-format msgid "certificate present, but not private key file \"%s\"\n" msgstr "인증서가 있지만, \"%s\" 개인키가 아닙니다.\n" -#: fe-secure-openssl.c:1172 +#: fe-secure-openssl.c:1197 #, c-format msgid "" "private key file \"%s\" has group or world access; permissions should be " "u=rw (0600) or less\n" msgstr "" -"개인 키 파일 \"%s\"에 그룹 또는 범용 액세스 권한이 있습니다. 권한은 u=rw" -"(0600) 이하여야 합니다.\n" +"개인 키 파일 \"%s\"에 그룹 또는 범용 액세스 권한이 있습니다. 권한은 " +"u=rw(0600) 이하여야 합니다.\n" -#: fe-secure-openssl.c:1183 +#: fe-secure-openssl.c:1208 #, c-format msgid "could not load private key file \"%s\": %s\n" msgstr "\"%s\" 개인키 파일을 불러들일 수 없습니다: %s\n" -#: fe-secure-openssl.c:1197 +#: fe-secure-openssl.c:1222 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" msgstr "인증서가 \"%s\" 개인키 파일과 맞지 않습니다: %s\n" -#: fe-secure-openssl.c:1235 +#: fe-secure-openssl.c:1260 #, c-format msgid "could not read root certificate file \"%s\": %s\n" msgstr "\"%s\" 루트 인증서 파일을 읽을 수 없음: %s\n" -#: fe-secure-openssl.c:1265 +#: fe-secure-openssl.c:1290 #, c-format msgid "SSL library does not support CRL certificates (file \"%s\")\n" msgstr "SSL 라이브러리가 CRL 인증서 (\"%s\" 파일)를 지원하지 않음\n" -#: fe-secure-openssl.c:1298 +#: fe-secure-openssl.c:1323 msgid "" "could not get home directory to locate root certificate file\n" "Either provide the file or change sslmode to disable server certificate " @@ -979,7 +994,7 @@ msgstr "" "해당 파일을 제공하거나 서버 인증서 확인을 사용하지 않도록 sslmode를 변경하십" "시오.\n" -#: fe-secure-openssl.c:1302 +#: fe-secure-openssl.c:1327 #, c-format msgid "" "root certificate file \"%s\" does not exist\n" @@ -990,17 +1005,17 @@ msgstr "" "해당 파일을 제공하거나 서버 인증서 확인을 사용하지 않도록 sslmode를 변경하십" "시오.\n" -#: fe-secure-openssl.c:1390 +#: fe-secure-openssl.c:1420 #, c-format msgid "certificate could not be obtained: %s\n" msgstr "인증서를 구하질 못했습니다: %s\n" -#: fe-secure-openssl.c:1482 +#: fe-secure-openssl.c:1512 #, c-format msgid "no SSL error reported" msgstr "SSL 오류 없음이 보고됨" -#: fe-secure-openssl.c:1491 +#: fe-secure-openssl.c:1521 #, c-format msgid "SSL error code %lu" msgstr "SSL 오류 번호 %lu" diff --git a/src/interfaces/libpq/po/pl.po b/src/interfaces/libpq/po/pl.po index 8dfe20cf20..330c0d7d4b 100644 --- a/src/interfaces/libpq/po/pl.po +++ b/src/interfaces/libpq/po/pl.po @@ -2,13 +2,13 @@ # Copyright (c) 2005 toczek, xxxtoczekxxx@wp.pl # Distributed under the same licensing terms as PostgreSQL itself. # Begina Felicysym <begina.felicysym@wp.eu>, 2011, 2012, 2013. -# grzegorz <begina.felicysym@wp.eu>, 2015, 2016. +# grzegorz <begina.felicysym@wp.eu>, 2015, 2016, 2017. msgid "" msgstr "" "Project-Id-Version: libpq (PostgreSQL 9.1)\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" -"POT-Creation-Date: 2016-07-03 03:08+0000\n" -"PO-Revision-Date: 2016-07-03 17:29+0200\n" +"POT-Creation-Date: 2017-03-14 17:38+0000\n" +"PO-Revision-Date: 2017-03-14 19:21+0200\n" "Last-Translator: grzegorz <begina.felicysym@wp.eu>\n" "Language-Team: begina.felicysym@wp.eu\n" "Language: pl\n" @@ -19,101 +19,121 @@ msgstr "" "|| n%100>=20) ? 1 : 2);\n" "X-Generator: Virtaal 0.7.1\n" -#: fe-auth.c:148 +#: fe-auth.c:149 msgid "GSSAPI continuation error" msgstr "błąd kontynuowania GSSAPI" -#: fe-auth.c:177 fe-auth.c:412 +#: fe-auth.c:179 fe-auth.c:415 msgid "host name must be specified\n" msgstr "nazwa hosta musi być określona\n" -#: fe-auth.c:184 +#: fe-auth.c:186 msgid "duplicate GSS authentication request\n" msgstr "podwójne żądanie autoryzacji GSS\n" -#: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 -#: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 -#: fe-connect.c:2091 fe-connect.c:3484 fe-connect.c:3736 fe-connect.c:3855 -#: fe-connect.c:4095 fe-connect.c:4175 fe-connect.c:4274 fe-connect.c:4526 -#: fe-connect.c:4555 fe-connect.c:4627 fe-connect.c:4645 fe-connect.c:4741 -#: fe-connect.c:5075 fe-connect.c:5225 fe-exec.c:2634 fe-exec.c:3381 -#: fe-exec.c:3546 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 -#: fe-protocol3.c:1678 fe-secure-openssl.c:552 fe-secure-openssl.c:1094 +#: fe-auth.c:199 fe-auth.c:311 fe-auth.c:386 fe-auth.c:421 fe-auth.c:465 +#: fe-auth.c:599 fe-auth.c:902 fe-connect.c:716 fe-connect.c:1086 +#: fe-connect.c:1262 fe-connect.c:1798 fe-connect.c:2326 fe-connect.c:4000 +#: fe-connect.c:4252 fe-connect.c:4371 fe-connect.c:4611 fe-connect.c:4691 +#: fe-connect.c:4790 fe-connect.c:5046 fe-connect.c:5075 fe-connect.c:5147 +#: fe-connect.c:5165 fe-connect.c:5266 fe-connect.c:5275 fe-connect.c:5631 +#: fe-connect.c:5781 fe-exec.c:2651 fe-exec.c:3398 fe-exec.c:3563 +#: fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 fe-protocol3.c:1678 +#: fe-secure-openssl.c:514 fe-secure-openssl.c:1137 msgid "out of memory\n" msgstr "brak pamięci\n" -#: fe-auth.c:210 +#: fe-auth.c:212 msgid "GSSAPI name import error" msgstr "błąd importu nazwy GSSAPI" -#: fe-auth.c:298 +#: fe-auth.c:300 msgid "SSPI continuation error" msgstr "błąd kontynuowania SSPI" -#: fe-auth.c:398 +#: fe-auth.c:401 msgid "could not acquire SSPI credentials" msgstr "nie można nabyć poświadczeń SSPI" -#: fe-auth.c:489 +#: fe-auth.c:474 +#, c-format +msgid "SASL authentication mechanism %s not supported\n" +msgstr "mechanizm autoryzacji %s SASL nie jest dostępny\n" + +#: fe-auth.c:574 msgid "SCM_CRED authentication method not supported\n" msgstr "Metoda autoryzacji SCM_CRED nie jest dostępna\n" -#: fe-auth.c:565 +#: fe-auth.c:650 msgid "Kerberos 4 authentication not supported\n" msgstr "metoda autoryzacji Kerberos 4 nie jest dostępna\n" -#: fe-auth.c:570 +#: fe-auth.c:655 msgid "Kerberos 5 authentication not supported\n" msgstr "metoda autoryzacji Kerberos 5 nie jest dostępna\n" -#: fe-auth.c:641 +#: fe-auth.c:726 msgid "GSSAPI authentication not supported\n" msgstr "Metoda autoryzacji GSSAPI nie jest dostępna\n" -#: fe-auth.c:673 +#: fe-auth.c:758 msgid "SSPI authentication not supported\n" msgstr "Metoda autoryzacji SSPI nie jest dostępna\n" -#: fe-auth.c:681 +#: fe-auth.c:766 msgid "Crypt authentication not supported\n" msgstr "metoda autoryzacji Crypt nie jest dostępna\n" -#: fe-auth.c:708 +#: fe-auth.c:830 #, c-format msgid "authentication method %u not supported\n" msgstr "metoda autoryzacji %u nie jest dostępna\n" -#: fe-auth.c:755 +#: fe-auth.c:877 #, c-format msgid "user name lookup failure: error code %lu\n" msgstr "niepowodzenie wyszukiwania nazwy użytkownika: kod błędu %lu\n" -#: fe-auth.c:765 fe-connect.c:2018 +#: fe-auth.c:887 fe-connect.c:2253 #, c-format msgid "could not look up local user ID %d: %s\n" msgstr "nie udało się odnaleźć lokalnego ID użytkownika %d: %s\n" -#: fe-auth.c:770 fe-connect.c:2023 +#: fe-auth.c:892 fe-connect.c:2258 #, c-format msgid "local user with ID %d does not exist\n" msgstr "lokalny użytkownik o ID %d nie istnieje\n" -#: fe-connect.c:846 +#: fe-connect.c:918 +#, c-format +msgid "could not match %d port numbers to %d hosts\n" +msgstr "nie można dopasować %d numerów portów do %d hostów\n" + +#: fe-connect.c:970 +msgid "could not get home directory to locate password file\n" +msgstr "nie można pobrać katalogu domowego aby zlokalizować plik haseł\n" + +#: fe-connect.c:1012 #, c-format msgid "invalid sslmode value: \"%s\"\n" msgstr "błędna wartość sslmode: \"%s\"\n" -#: fe-connect.c:867 +#: fe-connect.c:1033 #, c-format msgid "sslmode value \"%s\" invalid when SSL support is not compiled in\n" msgstr "błędna wartość sslmode \"%s\" gdyż obsługa SSL nie została skompilowana\n" -#: fe-connect.c:1104 +#: fe-connect.c:1068 +#, c-format +msgid "invalid target_session_attrs value: \"%s\"\n" +msgstr "błędna wartość target_session_attrs: \"%s\"\n" + +#: fe-connect.c:1286 #, c-format msgid "could not set socket to TCP no delay mode: %s\n" msgstr "nie można ustawić gniazda TCP w tryb bez opóźnień: %s\n" -#: fe-connect.c:1134 +#: fe-connect.c:1316 #, c-format msgid "" "could not connect to server: %s\n" @@ -124,7 +144,7 @@ msgstr "" "\tCzy serwer działa lokalnie i akceptuje\n" "\tpołączenia przy pomocy gniazd dziedziny Uniksa \"%s\"?\n" -#: fe-connect.c:1189 +#: fe-connect.c:1371 #, c-format msgid "" "could not connect to server: %s\n" @@ -135,7 +155,7 @@ msgstr "" "\tCzy serwer działa na serwerze \"%s\" (%s) i akceptuje\n" "\tpołączenia TCP/IP na porcie %s?\n" -#: fe-connect.c:1198 +#: fe-connect.c:1380 #, c-format msgid "" "could not connect to server: %s\n" @@ -146,302 +166,325 @@ msgstr "" "\tCzy serwer działa na stacji sieciowej \"%s\" i akceptuje\n" "\tpołączenia TCP/IP na porcie %s?\n" -#: fe-connect.c:1249 +#: fe-connect.c:1431 #, c-format msgid "setsockopt(TCP_KEEPIDLE) failed: %s\n" msgstr "nie powiodło się setsockopt(TCP_KEEPIDLE): %s\n" -#: fe-connect.c:1262 +#: fe-connect.c:1444 #, c-format msgid "setsockopt(TCP_KEEPALIVE) failed: %s\n" msgstr "nie powiodło się setsockopt(TCP_KEEPALIVE): %s\n" -#: fe-connect.c:1294 +#: fe-connect.c:1476 #, c-format msgid "setsockopt(TCP_KEEPINTVL) failed: %s\n" msgstr "nie powiodło się setsockopt(TCP_KEEPINTVL): %s\n" -#: fe-connect.c:1326 +#: fe-connect.c:1508 #, c-format msgid "setsockopt(TCP_KEEPCNT) failed: %s\n" msgstr "nie powiodło się setsockopt(TCP_KEEPCNT): %s\n" -#: fe-connect.c:1374 +#: fe-connect.c:1556 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" msgstr "nie powiodło się WSAIoctl(SIO_KEEPALIVE_VALS): %ui\n" -#: fe-connect.c:1426 +#: fe-connect.c:1614 #, c-format msgid "invalid port number: \"%s\"\n" msgstr "nieprawidłowy numer portu: \"%s\"\n" -#: fe-connect.c:1459 +#: fe-connect.c:1638 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" msgstr "Za długa ścieżka gniazda domeny Unix \"%s\" (maks %d bajtów)\n" -#: fe-connect.c:1478 +#: fe-connect.c:1656 #, c-format msgid "could not translate host name \"%s\" to address: %s\n" msgstr "nie można przetłumaczyć nazwy hosta \"%s\" na adres: %s\n" -#: fe-connect.c:1482 +#: fe-connect.c:1660 #, c-format msgid "could not translate Unix-domain socket path \"%s\" to address: %s\n" msgstr "nie można przetłumaczyć ścieżki gniazda domeny Uniks \"%s\" na adres: %s\n" -#: fe-connect.c:1687 +#: fe-connect.c:1904 msgid "invalid connection state, probably indicative of memory corruption\n" msgstr "błędny stan połączenia, prawdopodobnie oznajmiający uszkodzenie pamięci\n" -#: fe-connect.c:1727 +#: fe-connect.c:1961 #, c-format msgid "could not create socket: %s\n" msgstr "nie można utworzyć gniazda: %s\n" -#: fe-connect.c:1749 +#: fe-connect.c:1983 #, c-format msgid "could not set socket to nonblocking mode: %s\n" msgstr "nie można ustawić gniazda w tryb nieblokujący: %s\n" -#: fe-connect.c:1760 +#: fe-connect.c:1994 #, c-format msgid "could not set socket to close-on-exec mode: %s\n" msgstr "nie można ustawić gniazda obsługi zamknięcia przy uruchomieniu: %s\n" -#: fe-connect.c:1779 +#: fe-connect.c:2013 msgid "keepalives parameter must be an integer\n" msgstr "parametr keepalives musi być liczbą całkowitą\n" -#: fe-connect.c:1792 +#: fe-connect.c:2026 #, c-format msgid "setsockopt(SO_KEEPALIVE) failed: %s\n" msgstr "nie powiodło się setsockopt(SO_KEEPALIVE): %s\n" -#: fe-connect.c:1929 +#: fe-connect.c:2163 #, c-format msgid "could not get socket error status: %s\n" msgstr "nie można otrzymać błędu gniazda: %s\n" -#: fe-connect.c:1963 +#: fe-connect.c:2198 #, c-format msgid "could not get client address from socket: %s\n" msgstr "nie można otrzymać adresu klienta z gniazda: %s\n" -#: fe-connect.c:2005 +#: fe-connect.c:2240 msgid "requirepeer parameter is not supported on this platform\n" msgstr "parametr requirepeer nie jest obsługiwany na tej platformie\n" -#: fe-connect.c:2008 +#: fe-connect.c:2243 #, c-format msgid "could not get peer credentials: %s\n" msgstr "nie można pobrać poświadczeń wzajemnych: %s\n" -#: fe-connect.c:2031 +#: fe-connect.c:2266 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" -msgstr "requirepeer wskazuje \"%s\", ale nazwa bieżącego użytkownika równorzędnego to \"%s\"\n" +msgstr "requirepeer wskazuje \"%s\", ale nazwa bieżącego użytkownika równorzędnego to " +"\"%s\"\n" -#: fe-connect.c:2065 +#: fe-connect.c:2300 #, c-format msgid "could not send SSL negotiation packet: %s\n" msgstr "nie można wysłać pakietu negocjacji SSL: %s\n" -#: fe-connect.c:2104 +#: fe-connect.c:2339 #, c-format msgid "could not send startup packet: %s\n" msgstr "nie można wysłać pakietu rozpoczynającego: %s\n" -#: fe-connect.c:2174 +#: fe-connect.c:2409 msgid "server does not support SSL, but SSL was required\n" msgstr "serwer nie obsługuje SSL, ale SSL było wymagane\n" -#: fe-connect.c:2200 +#: fe-connect.c:2435 #, c-format msgid "received invalid response to SSL negotiation: %c\n" msgstr "otrzymano niepoprawną odpowiedź negocjacji SSL: %c\n" -#: fe-connect.c:2275 fe-connect.c:2308 +#: fe-connect.c:2510 fe-connect.c:2543 #, c-format msgid "expected authentication request from server, but received %c\n" msgstr "oczekiwano prośby autoryzacji z serwera ale otrzymano %c\n" -#: fe-connect.c:2475 +#: fe-connect.c:2710 #, c-format msgid "out of memory allocating GSSAPI buffer (%d)" msgstr "brak pamięci podczas alokacji bufora GSSAPI (%d)" -#: fe-connect.c:2560 +#: fe-connect.c:2748 +#, c-format +msgid "out of memory allocating SASL buffer (%d)" +msgstr "brak pamięci podczas alokacji bufora SASL (%d)" + +#: fe-connect.c:2838 msgid "unexpected message from server during startup\n" msgstr "niespodziewana wiadomość z serwera podczas startu\n" -#: fe-connect.c:2654 +#: fe-connect.c:3042 +#, c-format +msgid "could not make a writable connection to server \"%s:%s\"\n" +msgstr "nie można ustanowić połączenia z serwerem do zapisu: \"%s:%s\"\n" + +#: fe-connect.c:3084 +#, c-format +msgid "test \"show transaction_read_only\" failed on \"%s:%s\" \n" +msgstr "niepowodzenie testu \"show transaction_read_only\" na \"%s:%s\" \n" + +#: fe-connect.c:3106 #, c-format msgid "invalid connection state %d, probably indicative of memory corruption\n" -msgstr "nieprawidłowy stan połączenia %d, prawdopodobnie wskazujący na uszkodzenie pamięci\n" +msgstr "nieprawidłowy stan połączenia %d, prawdopodobnie wskazujący na uszkodzenie " +"pamięci\n" -#: fe-connect.c:3090 fe-connect.c:3150 +#: fe-connect.c:3606 fe-connect.c:3666 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" msgstr "PGEventProc \"%s\" zawiodła podczas zdarzenia PGEVT_CONNRESET\n" -#: fe-connect.c:3497 +#: fe-connect.c:4013 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" msgstr "Niepoprawny adres URL LDAP \"%s\": schemat musi być ldap://\n" -#: fe-connect.c:3512 +#: fe-connect.c:4028 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" msgstr "niepoprawny adres URL LDAP \"%s\": brakująca nazwa wyróżniająca\n" -#: fe-connect.c:3523 fe-connect.c:3576 +#: fe-connect.c:4039 fe-connect.c:4092 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" msgstr "niepoprawny adres URL LDAP \"%s\": musi mieć dokładnie jeden atrybut\n" -#: fe-connect.c:3533 fe-connect.c:3590 +#: fe-connect.c:4049 fe-connect.c:4106 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" -msgstr "niepoprawny adres URL LDAP \"%s\": musi mieć zakres wyszukiwania (base/one/sub)\n" +msgstr "niepoprawny adres URL LDAP \"%s\": musi mieć zakres wyszukiwania " +"(base/one/sub)\n" -#: fe-connect.c:3544 +#: fe-connect.c:4060 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" msgstr "niepoprawny adres URL LDAP \"%s\": brak filtra\n" -#: fe-connect.c:3565 +#: fe-connect.c:4081 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" msgstr "niepoprawny adres URL LDAP \"%s\": niepoprawny numer portu\n" -#: fe-connect.c:3599 +#: fe-connect.c:4115 msgid "could not create LDAP structure\n" msgstr "nie można utworzyć struktury LDAP\n" -#: fe-connect.c:3675 +#: fe-connect.c:4191 #, c-format msgid "lookup on LDAP server failed: %s\n" msgstr "przeszukiwanie LDAP nie powiodło się: %s\n" -#: fe-connect.c:3686 +#: fe-connect.c:4202 msgid "more than one entry found on LDAP lookup\n" msgstr "ponad jeden wpis znaleziono podczas przeszukiwania LDAP\n" -#: fe-connect.c:3687 fe-connect.c:3699 +#: fe-connect.c:4203 fe-connect.c:4215 msgid "no entry found on LDAP lookup\n" msgstr "nie znaleziono wpisu podczas przeszukiwania LDAP\n" -#: fe-connect.c:3710 fe-connect.c:3723 +#: fe-connect.c:4226 fe-connect.c:4239 msgid "attribute has no values on LDAP lookup\n" msgstr "atrybut nie ma wartości w przeszukiwaniu LDAP\n" -#: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 +#: fe-connect.c:4291 fe-connect.c:4310 fe-connect.c:4829 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" msgstr "brakujące \"=\" po \"%s\" w łańcuchu informacyjnym połączenia\n" -#: fe-connect.c:3867 fe-connect.c:4494 fe-connect.c:5208 +#: fe-connect.c:4383 fe-connect.c:5014 fe-connect.c:5764 #, c-format msgid "invalid connection option \"%s\"\n" msgstr "błędna opcja połączenia \"%s\"\n" -#: fe-connect.c:3883 fe-connect.c:4362 +#: fe-connect.c:4399 fe-connect.c:4878 msgid "unterminated quoted string in connection info string\n" msgstr "niezamknięty cudzysłów w łańcuchu informacyjnym połączenia\n" -#: fe-connect.c:3923 +#: fe-connect.c:4439 msgid "could not get home directory to locate service definition file" -msgstr "nie można pobrać katalogu domowego aby zlokalizować plik definicji usługi" +msgstr "" +"nie można pobrać katalogu domowego aby zlokalizować plik definicji usługi" -#: fe-connect.c:3956 +#: fe-connect.c:4472 #, c-format msgid "definition of service \"%s\" not found\n" msgstr "nie znaleziono definicji usługi \"%s\"\n" -#: fe-connect.c:3979 +#: fe-connect.c:4495 #, c-format msgid "service file \"%s\" not found\n" msgstr "nie znaleziono pliku usługi \"%s\"\n" -#: fe-connect.c:3992 +#: fe-connect.c:4508 #, c-format msgid "line %d too long in service file \"%s\"\n" msgstr "zbyt długa linia %d w pliku usługi \"%s\"\n" -#: fe-connect.c:4063 fe-connect.c:4107 +#: fe-connect.c:4579 fe-connect.c:4623 #, c-format msgid "syntax error in service file \"%s\", line %d\n" msgstr "błąd składni w pliku usługi \"%s\", linia %d\n" -#: fe-connect.c:4074 +#: fe-connect.c:4590 #, c-format msgid "nested service specifications not supported in service file \"%s\", line %d\n" -msgstr "zagnieżdżone specyfikacje usług nie są obsługiwane w pliku usługi \"%s\", linia %d\n" +msgstr "zagnieżdżone specyfikacje usług nie są obsługiwane w pliku usługi \"%s\", " +"linia %d\n" -#: fe-connect.c:4752 +#: fe-connect.c:5286 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" msgstr "niepoprawny URI przekazany do wewnętrznej procedury parsującej: \"%s\"\n" -#: fe-connect.c:4822 +#: fe-connect.c:5363 #, c-format msgid "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n" -msgstr "osiągnięto koniec ciągu znaków podczas wyszukiwania kończącego \"]\" w adresie IPv6 hosta w URI: \"%s\"\n" +msgstr "osiągnięto koniec ciągu znaków podczas wyszukiwania kończącego \"]\" w adresie " +"IPv6 hosta w URI: \"%s\"\n" -#: fe-connect.c:4829 +#: fe-connect.c:5370 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" msgstr "adres IPv6 hosta nie może być pusty w URI: \"%s\"\n" -#: fe-connect.c:4844 +#: fe-connect.c:5385 #, c-format msgid "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n" msgstr "nieoczekiwany znak \"%c\" w URI na pozycji %d (oczekiwano \":\" lub \"/\"): \"%s\"\n" -#: fe-connect.c:4958 +#: fe-connect.c:5514 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "nadmiarowy znak \"=\" rozdzielający klucz/wartość w parametrze zapytania URI: \"%s\"\n" +msgstr "nadmiarowy znak \"=\" rozdzielający klucz/wartość w parametrze zapytania URI: " +"\"%s\"\n" -#: fe-connect.c:4978 +#: fe-connect.c:5534 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" -msgstr "brak znaku \"=\" rozdzielającego klucz/wartość w parametrze zapytania URI: \"%s\"\n" +msgstr "brak znaku \"=\" rozdzielającego klucz/wartość w parametrze zapytania URI: \"%" +"s\"\n" -#: fe-connect.c:5029 +#: fe-connect.c:5585 #, c-format msgid "invalid URI query parameter: \"%s\"\n" msgstr "nieprawidłowy parametr zapytania URI: \"%s\"\n" -#: fe-connect.c:5103 +#: fe-connect.c:5659 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" msgstr "niepoprawny kodowany procentem znak: \"%s\"\n" -#: fe-connect.c:5113 +#: fe-connect.c:5669 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" msgstr "zabroniona wartość %%00 w znaku kodowanym procentem: \"%s\"\n" -#: fe-connect.c:5447 +#: fe-connect.c:6014 msgid "connection pointer is NULL\n" msgstr "wskaźnik połączenia ma wartość NULL\n" -#: fe-connect.c:5745 +#: fe-connect.c:6312 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" msgstr "OSTRZEŻENIE: plik hasła \"%s\" nie jest zwykłym plikiem\n" -#: fe-connect.c:5754 +#: fe-connect.c:6321 #, c-format msgid "WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "" "UWAGA: plik hasła \"%s\" posiada globalne lub grupowe uprawnienia odczytu;\n" "uprawniania powinny być ustawione na u=rw (0600) lub słabsze\n" -#: fe-connect.c:5860 +#: fe-connect.c:6413 #, c-format msgid "password retrieved from file \"%s\"\n" msgstr "hasło odczytane z pliku \"%s\"\n" @@ -450,99 +493,98 @@ msgstr "hasło odczytane z pliku \"%s\"\n" msgid "NOTICE" msgstr "UWAGA" -#: fe-exec.c:1123 fe-exec.c:1181 fe-exec.c:1227 +#: fe-exec.c:1141 fe-exec.c:1199 fe-exec.c:1245 msgid "command string is a null pointer\n" msgstr "łańcuch polecenia jest wskaźnikiem null\n" -#: fe-exec.c:1187 fe-exec.c:1233 fe-exec.c:1328 +#: fe-exec.c:1205 fe-exec.c:1251 fe-exec.c:1346 msgid "number of parameters must be between 0 and 65535\n" msgstr "liczba parametrów musi być pomiędzy 0 i 65535\n" -#: fe-exec.c:1221 fe-exec.c:1322 +#: fe-exec.c:1239 fe-exec.c:1340 msgid "statement name is a null pointer\n" msgstr "nazwa instrukcji jest wskaźnikiem null\n" -#: fe-exec.c:1241 fe-exec.c:1405 fe-exec.c:2123 fe-exec.c:2322 +#: fe-exec.c:1259 fe-exec.c:1422 fe-exec.c:2140 fe-exec.c:2339 msgid "function requires at least protocol version 3.0\n" msgstr "funkcja wymaga przynajmniej protokołu w wersji 3.0\n" -#: fe-exec.c:1359 +#: fe-exec.c:1377 msgid "no connection to the server\n" msgstr "brak połączenia z serwerem\n" -#: fe-exec.c:1366 +#: fe-exec.c:1384 msgid "another command is already in progress\n" msgstr "inne polecenie jest aktualnie wykonywane\n" -#: fe-exec.c:1481 +#: fe-exec.c:1498 msgid "length must be given for binary parameter\n" msgstr "musi być podana długość parametru binarnego\n" -#: fe-exec.c:1753 +#: fe-exec.c:1770 #, c-format msgid "unexpected asyncStatus: %d\n" msgstr "nieoczekiwany asyncStatus: %d\n" -#: fe-exec.c:1773 +#: fe-exec.c:1790 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" msgstr "PGEventProc \"%s\" zawiodła podczas zdarzenia PGEVT_RESULTCREATE\n" -#: fe-exec.c:1933 +#: fe-exec.c:1950 msgid "COPY terminated by new PQexec" msgstr "COPY zakończone przez nowe PQexec" -#: fe-exec.c:1941 +#: fe-exec.c:1958 msgid "COPY IN state must be terminated first\n" msgstr "stan COPY IN musi zostać wcześniej zakończony\n" -#: fe-exec.c:1961 +#: fe-exec.c:1978 msgid "COPY OUT state must be terminated first\n" msgstr "stan COPY OUT musi zostać wcześniej zakończony\n" -#: fe-exec.c:1969 +#: fe-exec.c:1986 msgid "PQexec not allowed during COPY BOTH\n" msgstr "PQexec niedozwolone podczas COPY BOTH\n" -#: fe-exec.c:2212 fe-exec.c:2279 fe-exec.c:2369 fe-protocol2.c:1352 +#: fe-exec.c:2229 fe-exec.c:2296 fe-exec.c:2386 fe-protocol2.c:1352 #: fe-protocol3.c:1817 msgid "no COPY in progress\n" msgstr "brak COPY w toku\n" -#: fe-exec.c:2559 +#: fe-exec.c:2576 msgid "connection in wrong state\n" msgstr "połączenie posiada błędny stan\n" -#: fe-exec.c:2590 +#: fe-exec.c:2607 msgid "invalid ExecStatusType code" msgstr "błędny kod ExecStatusType" -#: fe-exec.c:2617 -#| msgid "result is out of range" +#: fe-exec.c:2634 msgid "PGresult is not an error result\n" msgstr "PGresult nie jest wynikiem błedu\n" -#: fe-exec.c:2692 fe-exec.c:2715 +#: fe-exec.c:2709 fe-exec.c:2732 #, c-format msgid "column number %d is out of range 0..%d" msgstr "numer kolumny %d wykracza poza zakres 0..%d" -#: fe-exec.c:2708 +#: fe-exec.c:2725 #, c-format msgid "row number %d is out of range 0..%d" msgstr "numer wiersza %d wykracza poza zakres 0..%d" -#: fe-exec.c:2730 +#: fe-exec.c:2747 #, c-format msgid "parameter number %d is out of range 0..%d" msgstr "numer parametru %d wykracza poza zakres 0..%d" -#: fe-exec.c:3040 +#: fe-exec.c:3057 #, c-format msgid "could not interpret result from server: %s" msgstr "nie można zinterpretować wyników z serwera: %s" -#: fe-exec.c:3279 fe-exec.c:3363 +#: fe-exec.c:3296 fe-exec.c:3380 msgid "incomplete multibyte character\n" msgstr "niepełny znak wielobajtowy\n" @@ -643,7 +685,7 @@ msgstr "typ integer o rozmiarze %lu nie jest obsługiwany przez pqPutInt" msgid "connection not open\n" msgstr "połączenie nie jest otwarte\n" -#: fe-misc.c:812 fe-secure-openssl.c:271 fe-secure-openssl.c:380 +#: fe-misc.c:812 fe-secure-openssl.c:229 fe-secure-openssl.c:338 #: fe-secure.c:253 fe-secure.c:362 msgid "" "server closed the connection unexpectedly\n" @@ -659,7 +701,6 @@ msgid "timeout expired\n" msgstr "upłynął limit czasu rządania\n" #: fe-misc.c:1061 -#| msgid "invalid fork name" msgid "invalid socket\n" msgstr "nieprawidłowe gniazdo\n" @@ -692,17 +733,22 @@ msgstr "brak pamięci" #: fe-protocol2.c:529 #, c-format msgid "unexpected character %c following empty query response (\"I\" message)" -msgstr "nieznany znak %c następujący po odpowiedzi pustego zapytania (wiadomość \"I\")" +msgstr "" +"nieznany znak %c następujący po odpowiedzi pustego zapytania (wiadomość \"I\")" #: fe-protocol2.c:595 #, c-format msgid "server sent data (\"D\" message) without prior row description (\"T\" message)" -msgstr "serwer wysłał dane (wiadomość \"D\") bez wcześniejszego opisu wiersza (wiadomość \"T\")" +msgstr "" +"serwer wysłał dane (wiadomość \"D\") bez wcześniejszego opisu wiersza " +"(wiadomość \"T\")" #: fe-protocol2.c:613 #, c-format msgid "server sent binary data (\"B\" message) without prior row description (\"T\" message)" -msgstr "serwer wysłał dane binarne (wiadomość \"B\") bez wcześniejszego opisu wiersza (wiadomość \"T\")" +msgstr "" +"serwer wysłał dane binarne (wiadomość \"B\") bez wcześniejszego opisu wiersza " +"(wiadomość \"T\")" #: fe-protocol2.c:633 fe-protocol3.c:412 #, c-format @@ -730,7 +776,8 @@ msgstr "błąd protokołu: id=0x%x\n" #: fe-protocol3.c:368 msgid "server sent data (\"D\" message) without prior row description (\"T\" message)\n" -msgstr "serwer wysłał dane (wiadomość \"D\") bez wcześniejszego opisu wiersza (wiadomość \"T\")\n" +msgstr "serwer wysłał dane (wiadomość \"D\") bez wcześniejszego opisu wiersza " +"(wiadomość \"T\")\n" #: fe-protocol3.c:433 #, c-format @@ -751,7 +798,6 @@ msgid "extraneous data in \"T\" message" msgstr "nadmiarowe dane w wiadomości \"T\"" #: fe-protocol3.c:691 -#| msgid "extraneous data in \"T\" message" msgid "extraneous data in \"t\" message" msgstr "nadmiarowe dane w wiadomości \"t\"" @@ -768,7 +814,6 @@ msgid "extraneous data in \"D\" message" msgstr "nadmiarowe dane w wiadomości \"D\"" #: fe-protocol3.c:1005 -#| msgid "\\%s: error while setting variable\n" msgid "no error message available\n" msgstr "brak dostępnego komunikatu błędu\n" @@ -846,155 +891,152 @@ msgstr "LINIA %d: " msgid "PQgetline: not doing text COPY OUT\n" msgstr "PQgetline: nie działam aktualnie w stanie COPY OUT\n" -#: fe-secure-openssl.c:146 fe-secure-openssl.c:1031 fe-secure-openssl.c:1251 -#, c-format -msgid "could not acquire mutex: %s\n" -msgstr "nie można uzyskać muteksu: %s\n" - -#: fe-secure-openssl.c:158 -#, c-format -msgid "could not establish SSL connection: %s\n" -msgstr "nie można ustanowić połączenia SSL: %s\n" - -#: fe-secure-openssl.c:276 fe-secure-openssl.c:385 fe-secure-openssl.c:1377 +#: fe-secure-openssl.c:234 fe-secure-openssl.c:343 fe-secure-openssl.c:1321 #, c-format msgid "SSL SYSCALL error: %s\n" msgstr "błąd SSL SYSCALL: %s\n" -#: fe-secure-openssl.c:283 fe-secure-openssl.c:392 fe-secure-openssl.c:1381 +#: fe-secure-openssl.c:241 fe-secure-openssl.c:350 fe-secure-openssl.c:1325 msgid "SSL SYSCALL error: EOF detected\n" msgstr "błąd SSL SYSCALL: wykryto EOF\n" -#: fe-secure-openssl.c:294 fe-secure-openssl.c:403 fe-secure-openssl.c:1390 +#: fe-secure-openssl.c:252 fe-secure-openssl.c:361 fe-secure-openssl.c:1334 #, c-format msgid "SSL error: %s\n" msgstr "błąd SSL: %s\n" -#: fe-secure-openssl.c:309 fe-secure-openssl.c:418 +#: fe-secure-openssl.c:267 fe-secure-openssl.c:376 msgid "SSL connection has been closed unexpectedly\n" msgstr "Połączenie SSL zostało nieoczekiwanie zamknięte\n" -#: fe-secure-openssl.c:315 fe-secure-openssl.c:424 fe-secure-openssl.c:1399 +#: fe-secure-openssl.c:273 fe-secure-openssl.c:382 fe-secure-openssl.c:1343 #, c-format msgid "unrecognized SSL error code: %d\n" msgstr "nieznany błąd SSL o kodzie: %d\n" -#: fe-secure-openssl.c:536 +#: fe-secure-openssl.c:494 msgid "SSL certificate's name entry is missing\n" msgstr "brak wejścia nazwy certyfikatu SSL\n" -#: fe-secure-openssl.c:566 +#: fe-secure-openssl.c:528 msgid "SSL certificate's name contains embedded null\n" msgstr "nazwa certyfikatu SSL zawiera osadzony null\n" -#: fe-secure-openssl.c:617 +#: fe-secure-openssl.c:580 msgid "host name must be specified for a verified SSL connection\n" msgstr "nazwa hosta musi zostać podana dla zweryfikowanego połączenia SSL\n" -#: fe-secure-openssl.c:717 +#: fe-secure-openssl.c:680 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" msgstr "certyfikat dla serwera \"%s\" nie odpowiada nazwie hosta \"%s\"\n" -#: fe-secure-openssl.c:723 +#: fe-secure-openssl.c:686 msgid "could not get server's host name from server certificate\n" msgstr "nie można odczytać nazwy serwera z jego certyfikatu\n" -#: fe-secure-openssl.c:870 +#: fe-secure-openssl.c:928 #, c-format msgid "could not create SSL context: %s\n" msgstr "nie można utworzyć kontekstu SSL: %s\n" -#: fe-secure-openssl.c:1001 +#: fe-secure-openssl.c:965 +#, c-format +msgid "could not read root certificate file \"%s\": %s\n" +msgstr "nie można odczytać pliku z certyfikatem użytkownika root \"%s\": %s\n" + +#: fe-secure-openssl.c:993 +#, c-format +msgid "SSL library does not support CRL certificates (file \"%s\")\n" +msgstr "biblioteka SSL nie wspiera certyfikatów CRL (plik \"%s\")\n" + +#: fe-secure-openssl.c:1021 +msgid "" +"could not get home directory to locate root certificate file\n" +"Either provide the file or change sslmode to disable server certificate verification.\n" +msgstr "" +"nie można pobrać folderu domowego aby zlokalizować plik certyfikatu głównego\n" +"Albo dostarcz plik albo zmień tryb ssl by zablokować weryfikację certyfikatu " +"serwera.\n" + +#: fe-secure-openssl.c:1025 +#, c-format +msgid "" +"root certificate file \"%s\" does not exist\n" +"Either provide the file or change sslmode to disable server certificate verification.\n" +msgstr "" +"plik certyfikatu głównego \"%s\" nie istnieje\n" +"Albo dostarcz plik albo zmień tryb ssl by zablokować weryfikację certyfikatu " +"serwera.\n" + +#: fe-secure-openssl.c:1056 #, c-format msgid "could not open certificate file \"%s\": %s\n" msgstr "nie można otworzyć pliku certyfikatu \"%s\": %s\n" -#: fe-secure-openssl.c:1040 fe-secure-openssl.c:1055 +#: fe-secure-openssl.c:1075 #, c-format msgid "could not read certificate file \"%s\": %s\n" msgstr "nie można odczytać pliku certyfikatu \"%s\": %s\n" -#: fe-secure-openssl.c:1110 +#: fe-secure-openssl.c:1099 +#, c-format +msgid "could not establish SSL connection: %s\n" +msgstr "nie można ustanowić połączenia SSL: %s\n" + +#: fe-secure-openssl.c:1153 #, c-format msgid "could not load SSL engine \"%s\": %s\n" msgstr "nie można wczytać silnika SSL \"%s\": %s\n" -#: fe-secure-openssl.c:1122 +#: fe-secure-openssl.c:1165 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" msgstr "nie można zainicjować silnika SSL \"%s\": %s\n" -#: fe-secure-openssl.c:1138 +#: fe-secure-openssl.c:1181 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "nie można odczytać prywatnego klucza SSL \"%s\" z silnika \"%s\": %s\n" -#: fe-secure-openssl.c:1152 +#: fe-secure-openssl.c:1195 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "nie można pobrać prywatnego klucza SSL \"%s\" z silnika \"%s\": %s\n" -#: fe-secure-openssl.c:1189 +#: fe-secure-openssl.c:1232 #, c-format msgid "certificate present, but not private key file \"%s\"\n" msgstr "znaleziono certyfikat ale nie znaleziono pliku z prywatnym kluczem \"%s\"\n" -#: fe-secure-openssl.c:1197 +#: fe-secure-openssl.c:1240 #, c-format msgid "private key file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "" "plik hasła \"%s\" posiada globalne lub grupowe uprawnienia odczytu;\n" "uprawniania powinny być ustawione na u=rw (0600) lub niżej\n" -#: fe-secure-openssl.c:1208 +#: fe-secure-openssl.c:1251 #, c-format msgid "could not load private key file \"%s\": %s\n" msgstr "nie można pobrać pliku z kluczem prywatnym \"%s\": %s\n" -#: fe-secure-openssl.c:1222 +#: fe-secure-openssl.c:1265 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" msgstr "certyfikat nie pokrywa się z prywatnym kluczem w pliku \"%s\": %s\n" -#: fe-secure-openssl.c:1260 -#, c-format -msgid "could not read root certificate file \"%s\": %s\n" -msgstr "nie można odczytać pliku z certyfikatem użytkownika root \"%s\": %s\n" - -#: fe-secure-openssl.c:1290 -#, c-format -msgid "SSL library does not support CRL certificates (file \"%s\")\n" -msgstr "biblioteka SSL nie wspiera certyfikatów CRL (plik \"%s\")\n" - -#: fe-secure-openssl.c:1323 -msgid "" -"could not get home directory to locate root certificate file\n" -"Either provide the file or change sslmode to disable server certificate verification.\n" -msgstr "" -"nie można pobrać folderu domowego aby zlokalizować plik certyfikatu głównego\n" -"Albo dostarcz plik albo zmień tryb ssl by zablokować weryfikację certyfikatu serwera.\n" - -#: fe-secure-openssl.c:1327 -#, c-format -msgid "" -"root certificate file \"%s\" does not exist\n" -"Either provide the file or change sslmode to disable server certificate verification.\n" -msgstr "" -"plik certyfikatu głównego \"%s\" nie istnieje\n" -"Albo dostarcz plik albo zmień tryb ssl by zablokować weryfikację certyfikatu serwera.\n" - -#: fe-secure-openssl.c:1420 +#: fe-secure-openssl.c:1364 #, c-format msgid "certificate could not be obtained: %s\n" msgstr "certyfikat nie może zostać otrzymany: %s\n" -#: fe-secure-openssl.c:1512 +#: fe-secure-openssl.c:1456 #, c-format msgid "no SSL error reported" msgstr "nie zgłoszono błędu SSL" -#: fe-secure-openssl.c:1521 +#: fe-secure-openssl.c:1465 #, c-format msgid "SSL error code %lu" msgstr "kod błędu SSL %lu" @@ -1014,11 +1056,14 @@ msgstr "nie można wysłać danych do serwera: %s\n" msgid "unrecognized socket error: 0x%08X/%d" msgstr "nierozpoznany błąd gniazda: 0x%08X/%d" -#~ msgid "could not set socket to blocking mode: %s\n" -#~ msgstr "nie można ustawić gniazda w tryb blokowania: %s\n" +#~ msgid "socket not open\n" +#~ msgstr "gniazdo nie jest otwarte\n" #~ msgid "Kerberos 5 authentication rejected: %*s\n" #~ msgstr "Kerberos 5 autoryzacja odrzucona: %*s\n" -#~ msgid "socket not open\n" -#~ msgstr "gniazdo nie jest otwarte\n" +#~ msgid "could not set socket to blocking mode: %s\n" +#~ msgstr "nie można ustawić gniazda w tryb blokowania: %s\n" + +#~ msgid "could not acquire mutex: %s\n" +#~ msgstr "nie można uzyskać muteksu: %s\n" diff --git a/src/interfaces/libpq/po/pt_BR.po b/src/interfaces/libpq/po/pt_BR.po index 6f5e8c7fea..f43dc01db4 100644 --- a/src/interfaces/libpq/po/pt_BR.po +++ b/src/interfaces/libpq/po/pt_BR.po @@ -3,13 +3,13 @@ # This file is distributed under the same license as the PostgreSQL package. # Cesar Suga <sartre@linuxbr.com>, 2002. # Roberto Mello <rmello@fslc.usu.edu>, 2002. -# Euler Taveira de Oliveira <euler@timbira.com>, 2003-2015. +# Euler Taveira de Oliveira <euler@timbira.com>, 2003-2016. # msgid "" msgstr "" -"Project-Id-Version: PostgreSQL 9.5\n" +"Project-Id-Version: PostgreSQL 9.6\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" -"POT-Creation-Date: 2015-09-17 22:32-0300\n" +"POT-Creation-Date: 2016-08-09 22:53-0300\n" "PO-Revision-Date: 2005-10-04 22:45-0300\n" "Last-Translator: Euler Taveira de Oliveira <euler@timbira.com>\n" "Language-Team: Brazilian Portuguese <pgbr-dev@listas.postgresql.org.br>\n" @@ -22,7 +22,7 @@ msgstr "" msgid "GSSAPI continuation error" msgstr "erro ao continuar autenticação GSSAPI" -#: fe-auth.c:177 fe-auth.c:410 +#: fe-auth.c:177 fe-auth.c:412 msgid "host name must be specified\n" msgstr "nome da máquina deve ser especificado\n" @@ -30,14 +30,14 @@ msgstr "nome da máquina deve ser especificado\n" msgid "duplicate GSS authentication request\n" msgstr "pedido de autenticação GSS duplicado\n" -#: fe-auth.c:197 fe-auth.c:307 fe-auth.c:381 fe-auth.c:416 fe-auth.c:512 -#: fe-auth.c:778 fe-connect.c:701 fe-connect.c:898 fe-connect.c:1074 -#: fe-connect.c:2085 fe-connect.c:3477 fe-connect.c:3729 fe-connect.c:3848 -#: fe-connect.c:4088 fe-connect.c:4168 fe-connect.c:4267 fe-connect.c:4519 -#: fe-connect.c:4548 fe-connect.c:4620 fe-connect.c:4638 fe-connect.c:4734 -#: fe-connect.c:5068 fe-connect.c:5218 fe-exec.c:3339 fe-exec.c:3504 -#: fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:1571 -#: fe-secure-openssl.c:527 fe-secure-openssl.c:1069 +#: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 +#: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 +#: fe-connect.c:2091 fe-connect.c:3484 fe-connect.c:3736 fe-connect.c:3855 +#: fe-connect.c:4095 fe-connect.c:4175 fe-connect.c:4274 fe-connect.c:4530 +#: fe-connect.c:4559 fe-connect.c:4631 fe-connect.c:4649 fe-connect.c:4745 +#: fe-connect.c:5079 fe-connect.c:5229 fe-exec.c:2651 fe-exec.c:3398 +#: fe-exec.c:3563 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 +#: fe-protocol3.c:1678 fe-secure-openssl.c:552 fe-secure-openssl.c:1094 msgid "out of memory\n" msgstr "sem memória\n" @@ -45,74 +45,74 @@ msgstr "sem memória\n" msgid "GSSAPI name import error" msgstr "erro de importação de nome GSSAPI" -#: fe-auth.c:296 +#: fe-auth.c:298 msgid "SSPI continuation error" msgstr "erro ao continuar autenticação SSPI" -#: fe-auth.c:396 +#: fe-auth.c:398 msgid "could not acquire SSPI credentials" msgstr "não pôde obter credenciais SSPI" -#: fe-auth.c:487 +#: fe-auth.c:489 msgid "SCM_CRED authentication method not supported\n" msgstr "método de autenticação SCM_CRED não é suportado\n" -#: fe-auth.c:563 +#: fe-auth.c:565 msgid "Kerberos 4 authentication not supported\n" msgstr "Autenticação Kerberos 4 não é suportada\n" -#: fe-auth.c:568 +#: fe-auth.c:570 msgid "Kerberos 5 authentication not supported\n" msgstr "Autenticação Kerberos 5 não é suportada\n" -#: fe-auth.c:639 +#: fe-auth.c:641 msgid "GSSAPI authentication not supported\n" msgstr "Autenticação GSSAPI não é suportada\n" -#: fe-auth.c:671 +#: fe-auth.c:673 msgid "SSPI authentication not supported\n" msgstr "Autenticação SSPI não é suportada\n" -#: fe-auth.c:679 +#: fe-auth.c:681 msgid "Crypt authentication not supported\n" msgstr "Autenticação crypt não é suportada\n" -#: fe-auth.c:706 +#: fe-auth.c:708 #, c-format msgid "authentication method %u not supported\n" msgstr "método de autenticação %u não é suportado\n" -#: fe-auth.c:753 +#: fe-auth.c:755 #, c-format msgid "user name lookup failure: error code %lu\n" msgstr "falhou ao pesquisar nome de usuário: código de erro %lu\n" -#: fe-auth.c:763 fe-connect.c:2012 +#: fe-auth.c:765 fe-connect.c:2018 #, c-format msgid "could not look up local user ID %d: %s\n" msgstr "não pôde encontrar ID de usuário local %d: %s\n" -#: fe-auth.c:768 fe-connect.c:2017 +#: fe-auth.c:770 fe-connect.c:2023 #, c-format msgid "local user with ID %d does not exist\n" msgstr "usuário local com ID %d não existe\n" -#: fe-connect.c:840 +#: fe-connect.c:846 #, c-format msgid "invalid sslmode value: \"%s\"\n" msgstr "valor do modo ssl desconhecido: \"%s\"\n" -#: fe-connect.c:861 +#: fe-connect.c:867 #, c-format msgid "sslmode value \"%s\" invalid when SSL support is not compiled in\n" msgstr "valor \"%s\" do modo ssl é inválido quando suporte a SSL não foi compilado\n" -#: fe-connect.c:1098 +#: fe-connect.c:1104 #, c-format msgid "could not set socket to TCP no delay mode: %s\n" msgstr "não pôde configurar o soquete para modo TCP sem atraso: %s\n" -#: fe-connect.c:1128 +#: fe-connect.c:1134 #, c-format msgid "" "could not connect to server: %s\n" @@ -123,7 +123,7 @@ msgstr "" "\tO servidor está executando localmente e aceitando\n" "\tconexões no soquete de domínio Unix \"%s\"?\n" -#: fe-connect.c:1183 +#: fe-connect.c:1189 #, c-format msgid "" "could not connect to server: %s\n" @@ -134,7 +134,7 @@ msgstr "" "\tO servidor está executando na máquina \"%s\" (%s) e aceitando\n" "\tconexões TCP/IP na porta %s?\n" -#: fe-connect.c:1192 +#: fe-connect.c:1198 #, c-format msgid "" "could not connect to server: %s\n" @@ -145,396 +145,400 @@ msgstr "" "\tO servidor está executando na máquina \"%s\" e aceitando\n" "\tconexões TCP/IP na porta %s?\n" -#: fe-connect.c:1243 +#: fe-connect.c:1249 #, c-format msgid "setsockopt(TCP_KEEPIDLE) failed: %s\n" msgstr "setsockopt(TCP_KEEPIDLE) falhou: %s\n" -#: fe-connect.c:1256 +#: fe-connect.c:1262 #, c-format msgid "setsockopt(TCP_KEEPALIVE) failed: %s\n" msgstr "setsockopt(TCP_KEEPALIVE) falhou: %s\n" -#: fe-connect.c:1288 +#: fe-connect.c:1294 #, c-format msgid "setsockopt(TCP_KEEPINTVL) failed: %s\n" msgstr "setsockopt(TCP_KEEPINTVL) falhou: %s\n" -#: fe-connect.c:1320 +#: fe-connect.c:1326 #, c-format msgid "setsockopt(TCP_KEEPCNT) failed: %s\n" msgstr "setsockopt(TCP_KEEPCNT) falhou: %s\n" -#: fe-connect.c:1368 +#: fe-connect.c:1374 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" msgstr "WSAIoctl(SIO_KEEPALIVE_VALS) falhou: %ui\n" -#: fe-connect.c:1420 +#: fe-connect.c:1426 #, c-format msgid "invalid port number: \"%s\"\n" msgstr "número de porta inválido: \"%s\"\n" -#: fe-connect.c:1453 +#: fe-connect.c:1459 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" msgstr "caminho do soquete de domínio Unix \"%s\" é muito longo (máximo de %d bytes)\n" -#: fe-connect.c:1472 +#: fe-connect.c:1478 #, c-format msgid "could not translate host name \"%s\" to address: %s\n" msgstr "não pôde traduzir nome da máquina \"%s\" para endereço: %s\n" -#: fe-connect.c:1476 +#: fe-connect.c:1482 #, c-format msgid "could not translate Unix-domain socket path \"%s\" to address: %s\n" msgstr "não pôde traduzir caminho do soquete de domínio Unix \"%s\" para endereço: %s\n" -#: fe-connect.c:1681 +#: fe-connect.c:1687 msgid "invalid connection state, probably indicative of memory corruption\n" msgstr "estado de conexão é inválido, provavelmente indicativo de corrupção de memória\n" -#: fe-connect.c:1721 +#: fe-connect.c:1727 #, c-format msgid "could not create socket: %s\n" msgstr "não pôde criar soquete: %s\n" -#: fe-connect.c:1743 +#: fe-connect.c:1749 #, c-format msgid "could not set socket to nonblocking mode: %s\n" msgstr "não pôde configurar o soquete para modo não bloqueado: %s\n" -#: fe-connect.c:1754 +#: fe-connect.c:1760 #, c-format msgid "could not set socket to close-on-exec mode: %s\n" msgstr "não pôde configurar o soquete para modo fechar-após-execução: %s\n" -#: fe-connect.c:1773 +#: fe-connect.c:1779 msgid "keepalives parameter must be an integer\n" msgstr "parâmetro keepalives deve ser um inteiro\n" -#: fe-connect.c:1786 +#: fe-connect.c:1792 #, c-format msgid "setsockopt(SO_KEEPALIVE) failed: %s\n" msgstr "setsockopt(SO_KEEPALIVE) falhou: %s\n" -#: fe-connect.c:1923 +#: fe-connect.c:1929 #, c-format msgid "could not get socket error status: %s\n" msgstr "não pôde obter status de erro do soquete: %s\n" -#: fe-connect.c:1957 +#: fe-connect.c:1963 #, c-format msgid "could not get client address from socket: %s\n" msgstr "não pôde obter do soquete o endereço do cliente: %s\n" -#: fe-connect.c:1999 +#: fe-connect.c:2005 msgid "requirepeer parameter is not supported on this platform\n" msgstr "parâmetro requirepeer não é suportado nessa plataforma\n" -#: fe-connect.c:2002 +#: fe-connect.c:2008 #, c-format msgid "could not get peer credentials: %s\n" msgstr "não pôde receber credenciais: %s\n" -#: fe-connect.c:2025 +#: fe-connect.c:2031 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" msgstr "requirepeer especificou \"%s\", mas nome de usuário atual é \"%s\"\n" -#: fe-connect.c:2059 +#: fe-connect.c:2065 #, c-format msgid "could not send SSL negotiation packet: %s\n" msgstr "não pôde mandar pacote de negociação SSL: %s\n" -#: fe-connect.c:2098 +#: fe-connect.c:2104 #, c-format msgid "could not send startup packet: %s\n" msgstr "não pôde enviar pacote de inicialização: %s\n" -#: fe-connect.c:2168 +#: fe-connect.c:2174 msgid "server does not support SSL, but SSL was required\n" msgstr "servidor não suporta SSL, mas SSL foi requerido\n" -#: fe-connect.c:2194 +#: fe-connect.c:2200 #, c-format msgid "received invalid response to SSL negotiation: %c\n" msgstr "a negociação SSL recebeu uma resposta inválida: %c\n" -#: fe-connect.c:2269 fe-connect.c:2302 +#: fe-connect.c:2275 fe-connect.c:2308 #, c-format msgid "expected authentication request from server, but received %c\n" msgstr "pedido de autenticação esperado do servidor, mas foi recebido %c\n" -#: fe-connect.c:2469 +#: fe-connect.c:2475 #, c-format msgid "out of memory allocating GSSAPI buffer (%d)" msgstr "sem memória para alocar buffer para GSSAPI (%d)" -#: fe-connect.c:2554 +#: fe-connect.c:2560 msgid "unexpected message from server during startup\n" msgstr "mensagem inesperada do servidor durante inicialização\n" -#: fe-connect.c:2648 +#: fe-connect.c:2654 #, c-format msgid "invalid connection state %d, probably indicative of memory corruption\n" msgstr "estado de conexão %d é inválido, provavelmente indicativo de corrupção de memória\n" -#: fe-connect.c:3083 fe-connect.c:3143 +#: fe-connect.c:3090 fe-connect.c:3150 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" msgstr "PGEventProc \"%s\" falhou durante evento PGEVT_CONNRESET\n" -#: fe-connect.c:3490 +#: fe-connect.c:3497 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" msgstr "URL LDAP \"%s\" é inválida: esquema deve ser ldap://\n" -#: fe-connect.c:3505 +#: fe-connect.c:3512 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" msgstr "URL LDAP \"%s\" é inválida: faltando nome distinto\n" -#: fe-connect.c:3516 fe-connect.c:3569 +#: fe-connect.c:3523 fe-connect.c:3576 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" msgstr "URL LDAP \"%s\" é inválida: deve ter exatamente um atributo\n" -#: fe-connect.c:3526 fe-connect.c:3583 +#: fe-connect.c:3533 fe-connect.c:3590 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" msgstr "URL LDAP \"%s\" é inválida: deve ter escopo de busca (base/one/sub)\n" -#: fe-connect.c:3537 +#: fe-connect.c:3544 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" msgstr "URL LDAP \"%s\" é inválida: nenhum filtro\n" -#: fe-connect.c:3558 +#: fe-connect.c:3565 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" msgstr "URL LDAP \"%s\" é inválida: número de porta é inválido\n" -#: fe-connect.c:3592 +#: fe-connect.c:3599 msgid "could not create LDAP structure\n" msgstr "não pôde criar estrutura LDAP\n" -#: fe-connect.c:3668 +#: fe-connect.c:3675 #, c-format msgid "lookup on LDAP server failed: %s\n" msgstr "busca em servidor LDAP falhou: %s\n" -#: fe-connect.c:3679 +#: fe-connect.c:3686 msgid "more than one entry found on LDAP lookup\n" msgstr "mais de um registro encontrado na busca no LDAP\n" -#: fe-connect.c:3680 fe-connect.c:3692 +#: fe-connect.c:3687 fe-connect.c:3699 msgid "no entry found on LDAP lookup\n" msgstr "nenhum registro encontrado na busca no LDAP\n" -#: fe-connect.c:3703 fe-connect.c:3716 +#: fe-connect.c:3710 fe-connect.c:3723 msgid "attribute has no values on LDAP lookup\n" msgstr "atributo não tem valores na busca no LDAP\n" -#: fe-connect.c:3768 fe-connect.c:3787 fe-connect.c:4306 +#: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" msgstr "faltando \"=\" depois de \"%s\" na cadeia de caracteres de conexão\n" -#: fe-connect.c:3860 fe-connect.c:4487 fe-connect.c:5201 +#: fe-connect.c:3867 fe-connect.c:4498 fe-connect.c:5212 #, c-format msgid "invalid connection option \"%s\"\n" msgstr "opção de conexão \"%s\" é inválida\n" -#: fe-connect.c:3876 fe-connect.c:4355 +#: fe-connect.c:3883 fe-connect.c:4362 msgid "unterminated quoted string in connection info string\n" msgstr "cadeia de caracteres entre aspas não foi terminada na cadeia de caracteres de conexão\n" -#: fe-connect.c:3916 +#: fe-connect.c:3923 msgid "could not get home directory to locate service definition file" msgstr "não pôde obter diretório base do usuário para localizar arquivo de definição de serviço" -#: fe-connect.c:3949 +#: fe-connect.c:3956 #, c-format msgid "definition of service \"%s\" not found\n" msgstr "definição de serviço \"%s\" não foi encontrado\n" -#: fe-connect.c:3972 +#: fe-connect.c:3979 #, c-format msgid "service file \"%s\" not found\n" msgstr "arquivo de serviço \"%s\" não foi encontrado\n" -#: fe-connect.c:3985 +#: fe-connect.c:3992 #, c-format msgid "line %d too long in service file \"%s\"\n" msgstr "linha %d é muito longa no arquivo de serviço \"%s\"\n" -#: fe-connect.c:4056 fe-connect.c:4100 +#: fe-connect.c:4063 fe-connect.c:4107 #, c-format msgid "syntax error in service file \"%s\", line %d\n" msgstr "erro de sintaxe no arquivo de serviço \"%s\", linha %d\n" -#: fe-connect.c:4067 +#: fe-connect.c:4074 #, c-format msgid "nested service specifications not supported in service file \"%s\", line %d\n" msgstr "especificações de serviço aninhadas não são suportadas no arquivo de serviço \"%s\", linha %d\n" -#: fe-connect.c:4745 +#: fe-connect.c:4756 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" msgstr "URI inválida propagada para rotina interna do analisador: \"%s\"\n" -#: fe-connect.c:4815 +#: fe-connect.c:4826 #, c-format msgid "end of string reached when looking for matching \"]\" in IPv6 host address in URI: \"%s\"\n" msgstr "fim da cadeia de caracteres atingido quando procurava por \"]\" no endereço IPv6 na URI: \"%s\"\n" -#: fe-connect.c:4822 +#: fe-connect.c:4833 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" msgstr "endereço IPv6 não pode ser vazio na URI: \"%s\"\n" -#: fe-connect.c:4837 +#: fe-connect.c:4848 #, c-format msgid "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): \"%s\"\n" msgstr "caracter \"%c\" inesperado na posição %d na URI (esperado \":\" ou \"/\"): \"%s\"\n" -#: fe-connect.c:4951 +#: fe-connect.c:4962 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "separador de chave/valor \"=\" extra no parâmetro da URI: \"%s\"\n" -#: fe-connect.c:4971 +#: fe-connect.c:4982 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "faltando separador de chave/valor \"=\" no parâmetro da URI: \"%s\"\n" -#: fe-connect.c:5022 +#: fe-connect.c:5033 #, c-format msgid "invalid URI query parameter: \"%s\"\n" msgstr "parâmetro da URI é inválido: \"%s\"\n" -#: fe-connect.c:5096 +#: fe-connect.c:5107 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" msgstr "elemento escapado com porcentagem é inválido: \"%s\"\n" -#: fe-connect.c:5106 +#: fe-connect.c:5117 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" msgstr "valor %%00 proibido em valor escapado com porcentagem: \"%s\"\n" -#: fe-connect.c:5437 +#: fe-connect.c:5451 msgid "connection pointer is NULL\n" msgstr "ponteiro da conexão é NULO\n" -#: fe-connect.c:5723 +#: fe-connect.c:5749 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" msgstr "AVISO: arquivo de senhas \"%s\" não é um arquivo no formato texto\n" -#: fe-connect.c:5732 +#: fe-connect.c:5758 #, c-format msgid "WARNING: password file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "AVISO: arquivo de senhas \"%s\" tem acesso de leitura para outros ou grupo; permissões devem ser u=rw (0600) ou menos que isso\n" -#: fe-connect.c:5838 +#: fe-connect.c:5864 #, c-format msgid "password retrieved from file \"%s\"\n" msgstr "senha obtida do arquivo \"%s\"\n" -#: fe-exec.c:825 +#: fe-exec.c:826 msgid "NOTICE" msgstr "NOTA" -#: fe-exec.c:1122 fe-exec.c:1180 fe-exec.c:1226 +#: fe-exec.c:1140 fe-exec.c:1198 fe-exec.c:1244 msgid "command string is a null pointer\n" msgstr "cadeia de caracteres do comando é um ponteiro nulo\n" -#: fe-exec.c:1186 fe-exec.c:1232 fe-exec.c:1327 +#: fe-exec.c:1204 fe-exec.c:1250 fe-exec.c:1345 msgid "number of parameters must be between 0 and 65535\n" msgstr "número de parâmetros deve ser entre 0 e 65535\n" -#: fe-exec.c:1220 fe-exec.c:1321 +#: fe-exec.c:1238 fe-exec.c:1339 msgid "statement name is a null pointer\n" msgstr "nome do comando é um ponteiro nulo\n" -#: fe-exec.c:1240 fe-exec.c:1404 fe-exec.c:2119 fe-exec.c:2318 +#: fe-exec.c:1258 fe-exec.c:1422 fe-exec.c:2140 fe-exec.c:2339 msgid "function requires at least protocol version 3.0\n" msgstr "função requer pelo menos a versão 3.0 do protocolo\n" -#: fe-exec.c:1358 +#: fe-exec.c:1376 msgid "no connection to the server\n" msgstr "sem conexão ao servidor\n" -#: fe-exec.c:1365 +#: fe-exec.c:1383 msgid "another command is already in progress\n" msgstr "outro comando já está em execução\n" -#: fe-exec.c:1480 +#: fe-exec.c:1498 msgid "length must be given for binary parameter\n" msgstr "tamanho deve ser informado para um parâmetro binário\n" -#: fe-exec.c:1749 +#: fe-exec.c:1770 #, c-format msgid "unexpected asyncStatus: %d\n" msgstr "asyncStatus inesperado: %d\n" -#: fe-exec.c:1769 +#: fe-exec.c:1790 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" msgstr "PGEventProc \"%s\" falhou durante evento PGEVT_RESULTCREATE\n" -#: fe-exec.c:1929 +#: fe-exec.c:1950 msgid "COPY terminated by new PQexec" msgstr "COPY terminado por novo PQexec" -#: fe-exec.c:1937 +#: fe-exec.c:1958 msgid "COPY IN state must be terminated first\n" msgstr "estado de COPY IN deve ser terminado primeiro\n" -#: fe-exec.c:1957 +#: fe-exec.c:1978 msgid "COPY OUT state must be terminated first\n" msgstr "estado de COPY OUT deve ser terminado primeiro\n" -#: fe-exec.c:1965 +#: fe-exec.c:1986 msgid "PQexec not allowed during COPY BOTH\n" msgstr "PQexec não é permitido durante COPY BOTH\n" -#: fe-exec.c:2208 fe-exec.c:2275 fe-exec.c:2365 fe-protocol2.c:1352 -#: fe-protocol3.c:1710 +#: fe-exec.c:2229 fe-exec.c:2296 fe-exec.c:2386 fe-protocol2.c:1352 +#: fe-protocol3.c:1817 msgid "no COPY in progress\n" msgstr "nenhum COPY está em execução\n" -#: fe-exec.c:2555 +#: fe-exec.c:2576 msgid "connection in wrong state\n" msgstr "conexão em estado errado\n" -#: fe-exec.c:2586 +#: fe-exec.c:2607 msgid "invalid ExecStatusType code" msgstr "código de ExecStatusType é inválido" -#: fe-exec.c:2650 fe-exec.c:2673 +#: fe-exec.c:2634 +msgid "PGresult is not an error result\n" +msgstr "PGresult não é um resultado de erro\n" + +#: fe-exec.c:2709 fe-exec.c:2732 #, c-format msgid "column number %d is out of range 0..%d" msgstr "coluna número %d está fora do intervalo 0..%d" -#: fe-exec.c:2666 +#: fe-exec.c:2725 #, c-format msgid "row number %d is out of range 0..%d" msgstr "linha número %d está fora do intervalo 0..%d" -#: fe-exec.c:2688 +#: fe-exec.c:2747 #, c-format msgid "parameter number %d is out of range 0..%d" msgstr "parâmetro número %d está fora do intervalo 0..%d" -#: fe-exec.c:2998 +#: fe-exec.c:3057 #, c-format msgid "could not interpret result from server: %s" msgstr "não pôde interpretar resultado do servidor: %s" -#: fe-exec.c:3237 fe-exec.c:3321 +#: fe-exec.c:3296 fe-exec.c:3380 msgid "incomplete multibyte character\n" msgstr "caracter multibyte incompleto\n" @@ -631,11 +635,11 @@ msgstr "inteiro de tamanho %lu não é suportado por pqGetInt" msgid "integer of size %lu not supported by pqPutInt" msgstr "inteiro de tamanho %lu não é suportado por pqPutInt" -#: fe-misc.c:642 fe-misc.c:842 +#: fe-misc.c:642 fe-misc.c:843 msgid "connection not open\n" msgstr "conexão não está aberta\n" -#: fe-misc.c:812 fe-secure-openssl.c:249 fe-secure-openssl.c:355 +#: fe-misc.c:812 fe-secure-openssl.c:271 fe-secure-openssl.c:380 #: fe-secure.c:253 fe-secure.c:362 msgid "" "server closed the connection unexpectedly\n" @@ -646,15 +650,15 @@ msgstr "" "\tIsto provavelmente significa que o servidor terminou de forma anormal\n" "\tantes ou durante o processamento do pedido.\n" -#: fe-misc.c:1015 +#: fe-misc.c:1016 msgid "timeout expired\n" msgstr "tempo de espera expirado\n" -#: fe-misc.c:1060 -msgid "socket not open\n" -msgstr "soquete não está aberto\n" +#: fe-misc.c:1061 +msgid "invalid socket\n" +msgstr "soquete inválido\n" -#: fe-misc.c:1083 +#: fe-misc.c:1084 #, c-format msgid "select() failed: %s\n" msgstr "select() falhou: %s\n" @@ -675,8 +679,8 @@ msgid "message type 0x%02x arrived from server while idle" msgstr "tipo de mensagem 0x%02x chegou do servidor enquanto estava ocioso" #: fe-protocol2.c:503 fe-protocol2.c:538 fe-protocol2.c:1049 -#: fe-protocol3.c:209 fe-protocol3.c:236 fe-protocol3.c:253 fe-protocol3.c:324 -#: fe-protocol3.c:995 +#: fe-protocol3.c:209 fe-protocol3.c:236 fe-protocol3.c:253 fe-protocol3.c:333 +#: fe-protocol3.c:728 fe-protocol3.c:951 msgid "out of memory" msgstr "sem memória" @@ -695,16 +699,16 @@ msgstr "servidor enviou dados (mensagem \"D\") sem antes enviar descrição de r msgid "server sent binary data (\"B\" message) without prior row description (\"T\" message)" msgstr "servidor enviou dados binários (mensagem \"B\") sem antes enviar descrição de registro (mensagem \"T\")" -#: fe-protocol2.c:633 fe-protocol3.c:402 +#: fe-protocol2.c:633 fe-protocol3.c:412 #, c-format msgid "unexpected response from server; first received character was \"%c\"\n" msgstr "resposta inesperada do servidor; primeiro caracter recebido foi \"%c\"\n" -#: fe-protocol2.c:762 fe-protocol2.c:937 fe-protocol3.c:617 fe-protocol3.c:799 +#: fe-protocol2.c:762 fe-protocol2.c:937 fe-protocol3.c:627 fe-protocol3.c:854 msgid "out of memory for query result" msgstr "sem memória para resultado da consulta" -#: fe-protocol2.c:1395 fe-protocol3.c:1779 +#: fe-protocol2.c:1395 fe-protocol3.c:1886 #, c-format msgid "%s" msgstr "%s" @@ -714,120 +718,128 @@ msgstr "%s" msgid "lost synchronization with server, resetting connection" msgstr "perda de sincronismo com o servidor, reiniciando conexão" -#: fe-protocol2.c:1541 fe-protocol2.c:1573 fe-protocol3.c:1982 +#: fe-protocol2.c:1541 fe-protocol2.c:1573 fe-protocol3.c:2089 #, c-format msgid "protocol error: id=0x%x\n" msgstr "erro de protocolo: id=0x%x\n" -#: fe-protocol3.c:358 +#: fe-protocol3.c:368 msgid "server sent data (\"D\" message) without prior row description (\"T\" message)\n" msgstr "servidor enviou dados (mensagem \"D\") sem antes enviar descrição de registro (mensagem \"T\")\n" -#: fe-protocol3.c:423 +#: fe-protocol3.c:433 #, c-format msgid "message contents do not agree with length in message type \"%c\"\n" msgstr "conteúdo da mensagem não está de acordo com o tamanho no tipo de mensagem \"%c\"\n" -#: fe-protocol3.c:444 +#: fe-protocol3.c:454 #, c-format msgid "lost synchronization with server: got message type \"%c\", length %d\n" msgstr "perda de sincronismo com o servidor: recebeu tipo de mensagem \"%c\", tamanho %d\n" -#: fe-protocol3.c:495 fe-protocol3.c:535 +#: fe-protocol3.c:505 fe-protocol3.c:545 msgid "insufficient data in \"T\" message" msgstr "dados insuficientes na mensagem \"T\"" -#: fe-protocol3.c:568 +#: fe-protocol3.c:578 msgid "extraneous data in \"T\" message" msgstr "dados estranhos na mensagem \"T\"" -#: fe-protocol3.c:707 fe-protocol3.c:739 fe-protocol3.c:757 +#: fe-protocol3.c:691 +msgid "extraneous data in \"t\" message" +msgstr "dados estranhos na mensagem \"t\"" + +#: fe-protocol3.c:762 fe-protocol3.c:794 fe-protocol3.c:812 msgid "insufficient data in \"D\" message" msgstr "dados insuficientes na mensagem \"D\"" -#: fe-protocol3.c:713 +#: fe-protocol3.c:768 msgid "unexpected field count in \"D\" message" msgstr "contagem de campos inesperada em mensagem \"D\"" -#: fe-protocol3.c:766 +#: fe-protocol3.c:821 msgid "extraneous data in \"D\" message" msgstr "dados estranhos na mensagem \"D\"" +#: fe-protocol3.c:1005 +msgid "no error message available\n" +msgstr "nenhuma mensagem de erro disponível\n" + #. translator: %s represents a digit string -#: fe-protocol3.c:898 fe-protocol3.c:917 +#: fe-protocol3.c:1035 fe-protocol3.c:1054 #, c-format msgid " at character %s" msgstr " no caracter %s" -#: fe-protocol3.c:930 +#: fe-protocol3.c:1067 #, c-format msgid "DETAIL: %s\n" msgstr "DETALHE: %s\n" -#: fe-protocol3.c:933 +#: fe-protocol3.c:1070 #, c-format msgid "HINT: %s\n" msgstr "DICA: %s\n" -#: fe-protocol3.c:936 +#: fe-protocol3.c:1073 #, c-format msgid "QUERY: %s\n" msgstr "CONSULTA: %s\n" -#: fe-protocol3.c:939 +#: fe-protocol3.c:1080 #, c-format msgid "CONTEXT: %s\n" msgstr "CONTEXTO: %s\n" -#: fe-protocol3.c:946 +#: fe-protocol3.c:1089 #, c-format msgid "SCHEMA NAME: %s\n" msgstr "NOME DO ESQUEMA: %s\n" -#: fe-protocol3.c:950 +#: fe-protocol3.c:1093 #, c-format msgid "TABLE NAME: %s\n" msgstr "NOME DA TABELA: %s\n" -#: fe-protocol3.c:954 +#: fe-protocol3.c:1097 #, c-format msgid "COLUMN NAME: %s\n" msgstr "NOME DA COLUNA: %s\n" -#: fe-protocol3.c:958 +#: fe-protocol3.c:1101 #, c-format msgid "DATATYPE NAME: %s\n" msgstr "NOME DO TIPO DE DADO: %s\n" -#: fe-protocol3.c:962 +#: fe-protocol3.c:1105 #, c-format msgid "CONSTRAINT NAME: %s\n" msgstr "NOME DA RESTRIÇÃO: %s\n" -#: fe-protocol3.c:974 +#: fe-protocol3.c:1117 msgid "LOCATION: " msgstr "LOCAL: " -#: fe-protocol3.c:976 +#: fe-protocol3.c:1119 #, c-format msgid "%s, " msgstr "%s, " -#: fe-protocol3.c:978 +#: fe-protocol3.c:1121 #, c-format msgid "%s:%s" msgstr "%s:%s" -#: fe-protocol3.c:1209 +#: fe-protocol3.c:1316 #, c-format msgid "LINE %d: " msgstr "LINHA %d: " -#: fe-protocol3.c:1604 +#: fe-protocol3.c:1711 msgid "PQgetline: not doing text COPY OUT\n" msgstr "PQgetline: não está fazendo COPY OUT de texto\n" -#: fe-secure-openssl.c:146 fe-secure-openssl.c:1006 fe-secure-openssl.c:1226 +#: fe-secure-openssl.c:146 fe-secure-openssl.c:1031 fe-secure-openssl.c:1251 #, c-format msgid "could not acquire mutex: %s\n" msgstr "não pôde obter mutex: %s\n" @@ -837,116 +849,116 @@ msgstr "não pôde obter mutex: %s\n" msgid "could not establish SSL connection: %s\n" msgstr "não pôde estabelecer conexão SSL: %s\n" -#: fe-secure-openssl.c:254 fe-secure-openssl.c:360 fe-secure-openssl.c:1349 +#: fe-secure-openssl.c:276 fe-secure-openssl.c:385 fe-secure-openssl.c:1377 #, c-format msgid "SSL SYSCALL error: %s\n" msgstr "Erro de SYSCALL SSL: %s\n" -#: fe-secure-openssl.c:261 fe-secure-openssl.c:367 fe-secure-openssl.c:1353 +#: fe-secure-openssl.c:283 fe-secure-openssl.c:392 fe-secure-openssl.c:1381 msgid "SSL SYSCALL error: EOF detected\n" msgstr "Erro de SYSCALL SSL: EOF detectado\n" -#: fe-secure-openssl.c:272 fe-secure-openssl.c:378 fe-secure-openssl.c:1362 +#: fe-secure-openssl.c:294 fe-secure-openssl.c:403 fe-secure-openssl.c:1390 #, c-format msgid "SSL error: %s\n" msgstr "Erro de SSL: %s\n" -#: fe-secure-openssl.c:287 fe-secure-openssl.c:393 +#: fe-secure-openssl.c:309 fe-secure-openssl.c:418 msgid "SSL connection has been closed unexpectedly\n" msgstr "conexão SSL foi fechada inesperadamente\n" -#: fe-secure-openssl.c:293 fe-secure-openssl.c:399 fe-secure-openssl.c:1371 +#: fe-secure-openssl.c:315 fe-secure-openssl.c:424 fe-secure-openssl.c:1399 #, c-format msgid "unrecognized SSL error code: %d\n" msgstr "código de erro SSL desconhecido: %d\n" -#: fe-secure-openssl.c:511 +#: fe-secure-openssl.c:536 msgid "SSL certificate's name entry is missing\n" msgstr "entrada do nome do certificado SSL está ausente\n" -#: fe-secure-openssl.c:541 +#: fe-secure-openssl.c:566 msgid "SSL certificate's name contains embedded null\n" msgstr "nome do certificado SSL contém nulo embutido\n" -#: fe-secure-openssl.c:592 +#: fe-secure-openssl.c:617 msgid "host name must be specified for a verified SSL connection\n" msgstr "nome da máquina deve ser especificado para uma conexão SSL verificada\n" -#: fe-secure-openssl.c:692 +#: fe-secure-openssl.c:717 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" msgstr "certificado do servidor para \"%s\" não corresponde ao nome da máquina \"%s\"\n" -#: fe-secure-openssl.c:698 +#: fe-secure-openssl.c:723 msgid "could not get server's host name from server certificate\n" msgstr "não pôde obter nome de máquina do servidor a partir do certificado do servidor\n" -#: fe-secure-openssl.c:845 +#: fe-secure-openssl.c:870 #, c-format msgid "could not create SSL context: %s\n" msgstr "não pôde criar contexto SSL: %s\n" -#: fe-secure-openssl.c:976 +#: fe-secure-openssl.c:1001 #, c-format msgid "could not open certificate file \"%s\": %s\n" msgstr "não pôde abrir certificado \"%s\": %s\n" -#: fe-secure-openssl.c:1015 fe-secure-openssl.c:1030 +#: fe-secure-openssl.c:1040 fe-secure-openssl.c:1055 #, c-format msgid "could not read certificate file \"%s\": %s\n" msgstr "não pôde ler certificado \"%s\": %s\n" -#: fe-secure-openssl.c:1085 +#: fe-secure-openssl.c:1110 #, c-format msgid "could not load SSL engine \"%s\": %s\n" msgstr "não pôde carregar mecanismo SSL \"%s\": %s\n" -#: fe-secure-openssl.c:1097 +#: fe-secure-openssl.c:1122 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" msgstr "não pôde inicializar mecanismo SSL \"%s\": %s\n" -#: fe-secure-openssl.c:1113 +#: fe-secure-openssl.c:1138 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "não pôde ler chave privada SSL \"%s\" do mecanismo \"%s\": %s\n" -#: fe-secure-openssl.c:1127 +#: fe-secure-openssl.c:1152 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "não pôde carregar chave privada SSL \"%s\" do mecanismo \"%s\": %s\n" -#: fe-secure-openssl.c:1164 +#: fe-secure-openssl.c:1189 #, c-format msgid "certificate present, but not private key file \"%s\"\n" msgstr "certificado presente, mas não a chave privada \"%s\"\n" -#: fe-secure-openssl.c:1172 +#: fe-secure-openssl.c:1197 #, c-format msgid "private key file \"%s\" has group or world access; permissions should be u=rw (0600) or less\n" msgstr "chave privada \"%s\" tem acesso de leitura para outros ou grupo; permissões devem ser u=rw (0600) ou menos que isso\n" -#: fe-secure-openssl.c:1183 +#: fe-secure-openssl.c:1208 #, c-format msgid "could not load private key file \"%s\": %s\n" msgstr "não pôde carregar arquivo contendo chave privada \"%s\": %s\n" -#: fe-secure-openssl.c:1197 +#: fe-secure-openssl.c:1222 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" msgstr "certificado não corresponde a chave privada \"%s\": %s\n" -#: fe-secure-openssl.c:1235 +#: fe-secure-openssl.c:1260 #, c-format msgid "could not read root certificate file \"%s\": %s\n" msgstr "não pôde ler certificado raiz \"%s\": %s\n" -#: fe-secure-openssl.c:1265 +#: fe-secure-openssl.c:1290 #, c-format msgid "SSL library does not support CRL certificates (file \"%s\")\n" msgstr "biblioteca SSL não suporta certificados CRL (arquivo \"%s\")\n" -#: fe-secure-openssl.c:1298 +#: fe-secure-openssl.c:1323 msgid "" "could not get home directory to locate root certificate file\n" "Either provide the file or change sslmode to disable server certificate verification.\n" @@ -954,7 +966,7 @@ msgstr "" "não pôde obter diretório base do usuário para localizar arquivo do certificado\n" "Forneça um arquivo ou mude o sslmode para desabilitar a verificação de certificado do servidor.\n" -#: fe-secure-openssl.c:1302 +#: fe-secure-openssl.c:1327 #, c-format msgid "" "root certificate file \"%s\" does not exist\n" @@ -963,17 +975,17 @@ msgstr "" "certificado raiz \"%s\" não existe\n" "Forneça um arquivo ou mude o sslmode para desabilitar a verificação de certificado do servidor.\n" -#: fe-secure-openssl.c:1390 +#: fe-secure-openssl.c:1420 #, c-format msgid "certificate could not be obtained: %s\n" msgstr "certificado não pôde ser obtido: %s\n" -#: fe-secure-openssl.c:1482 +#: fe-secure-openssl.c:1512 #, c-format msgid "no SSL error reported" msgstr "nenhum erro SSL relatado" -#: fe-secure-openssl.c:1491 +#: fe-secure-openssl.c:1521 #, c-format msgid "SSL error code %lu" msgstr "código de erro SSL %lu" diff --git a/src/interfaces/libpq/po/ru.po b/src/interfaces/libpq/po/ru.po index a80bfdba52..de6e91fc72 100644 --- a/src/interfaces/libpq/po/ru.po +++ b/src/interfaces/libpq/po/ru.po @@ -1,138 +1,141 @@ -# LIBPQ Translated Messages into the Russian Language (UTF-8) +# Russian message translation file for libpq +# Copyright (C) 2001-2016 PostgreSQL Global Development Group +# This file is distributed under the same license as the PostgreSQL package. +# Serguei A. Mokhov <mokhov@cs.concordia.ca>, 2001-2004. +# Oleg Bartunov <oleg@sai.msu.su>, 2005. +# Andrey Sudnik <sudnikand@yandex.ru>, 2010. +# Alexander Lakhin <exclusion@gmail.com>, 2012-2017. # -# Copyright (c) 2001-2004 Serguei A. Mokhov, mokhov@cs.concordia.ca -# Copyright (c) 2012-2013 Alexander Lakhin <exclusion@gmail.com> -# Distributed under the same licensing terms as PostgreSQL itself. -# -# pgtranslation Id: libpq.po,v 1.4 2010/12/07 21:22:21 petere Exp $ -# -# ChangeLog: -# - August 19, 2013: Alexander Lakhin <exclusion@gmail.com>. -# - March 14, 2013: Updates for 9.3. Alexander Lakhin <exclusion@gmail.com>. -# - June 27, 2012: Updates for 9.2. Alexander Lakhin <exclusion@gmail.com>. -# - April 2, 2012: Bug fixes. Alexander Lakhin <exclusion@gmail.com>. -# - February 22, 2012: Backporting 9.1 translation to 8.4. Alexander Lakhin <exclusion@gmail.com>. -# - February 17, 2012: complete translation for 9.1. Alexander Lakhin <exclusion@gmail.com>. -# - November, 2010: Updates for PostgreSQL 9 by Andrey Sudnik <sudnikand@yandex.ru>. -# - January, 2005: Corrections and improvements by Oleg Bartunov <oleg@sai.msu.su>. -# - March 27 - November 1, 2004: Updates for 8.0; <mokhov@cs.concordia.ca>. -# - July 24 - October 5, 2003: Updates for 7.4.*; <mokhov@cs.concordia.ca>. -# - January 2, 2002: Completed SSL translation, Serguei A. Mokhov <mokhov@cs.concordia.ca>. -# - October 12, 2002: Post-7.3beta2 fuzzy translation fixes, Serguei A. Mokhov <mokhov@cs.concordia.ca>. -# - September 7, 2002: Complete post-7.3beta1 Translation, Serguei A. Mokhov <mokhov@cs.concordia.ca>. -# - August 2001 - August 2002: Initial translation and maintenance, Serguei A. Mokhov <mokhov@cs.concordia.ca> msgid "" msgstr "" -"Project-Id-Version: PostgreSQL 9 current\n" +"Project-Id-Version: libpq (PostgreSQL current)\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" -"POT-Creation-Date: 2016-05-27 16:08+0000\n" -"PO-Revision-Date: 2015-07-22 16:24+0300\n" -"Last-Translator: Alexander Lakhin <exclusion@gmail.com>\n" -"Language-Team: Russian <pgtranslation-translators@pgfoundry.org>\n" +"POT-Creation-Date: 2017-03-27 12:38+0000\n" +"PO-Revision-Date: 2017-03-29 06:55+0300\n" +"Language-Team: Russian <pgsql-ru-general@postgresql.org>\n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Poedit-SourceCharset: utf-8\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"X-Generator: Lokalize 1.5\n" +"Last-Translator: Alexander Lakhin <exclusion@gmail.com>\n" -#: fe-auth.c:148 +#: fe-auth.c:149 msgid "GSSAPI continuation error" msgstr "ошибка продолжения в GSSAPI" -#: fe-auth.c:177 fe-auth.c:412 +#: fe-auth.c:179 fe-auth.c:415 msgid "host name must be specified\n" msgstr "требуется указать имя сервера\n" -#: fe-auth.c:184 +#: fe-auth.c:186 msgid "duplicate GSS authentication request\n" msgstr "повторный запрос аутентификации GSS\n" -#: fe-auth.c:197 fe-auth.c:309 fe-auth.c:383 fe-auth.c:418 fe-auth.c:514 -#: fe-auth.c:780 fe-connect.c:707 fe-connect.c:904 fe-connect.c:1080 -#: fe-connect.c:2091 fe-connect.c:3484 fe-connect.c:3736 fe-connect.c:3855 -#: fe-connect.c:4095 fe-connect.c:4175 fe-connect.c:4274 fe-connect.c:4526 -#: fe-connect.c:4555 fe-connect.c:4627 fe-connect.c:4645 fe-connect.c:4741 -#: fe-connect.c:5075 fe-connect.c:5225 fe-exec.c:2634 fe-exec.c:3381 -#: fe-exec.c:3546 fe-lobj.c:896 fe-protocol2.c:1206 fe-protocol3.c:992 -#: fe-protocol3.c:1678 fe-secure-openssl.c:551 fe-secure-openssl.c:1093 +#: fe-auth.c:199 fe-auth.c:311 fe-auth.c:386 fe-auth.c:421 fe-auth.c:465 +#: fe-auth.c:599 fe-auth.c:902 fe-connect.c:716 fe-connect.c:1086 +#: fe-connect.c:1262 fe-connect.c:1798 fe-connect.c:2326 fe-connect.c:4000 +#: fe-connect.c:4252 fe-connect.c:4371 fe-connect.c:4611 fe-connect.c:4691 +#: fe-connect.c:4790 fe-connect.c:5046 fe-connect.c:5075 fe-connect.c:5147 +#: fe-connect.c:5165 fe-connect.c:5266 fe-connect.c:5275 fe-connect.c:5631 +#: fe-connect.c:5781 fe-exec.c:2651 fe-exec.c:3398 fe-exec.c:3563 fe-lobj.c:896 +#: fe-protocol2.c:1206 fe-protocol3.c:992 fe-protocol3.c:1678 +#: fe-secure-openssl.c:514 fe-secure-openssl.c:1137 msgid "out of memory\n" msgstr "нехватка памяти\n" -#: fe-auth.c:210 +#: fe-auth.c:212 msgid "GSSAPI name import error" msgstr "ошибка импорта имени в GSSAPI" -#: fe-auth.c:298 +#: fe-auth.c:300 msgid "SSPI continuation error" msgstr "ошибка продолжения в SSPI" -#: fe-auth.c:398 +#: fe-auth.c:401 msgid "could not acquire SSPI credentials" msgstr "не удалось получить удостоверение SSPI" -#: fe-auth.c:489 +#: fe-auth.c:474 +#, c-format +msgid "SASL authentication mechanism %s not supported\n" +msgstr "механизм аутентификации SASL %s не поддерживается\n" + +#: fe-auth.c:574 msgid "SCM_CRED authentication method not supported\n" msgstr "аутентификация SCM_CRED не поддерживается\n" -#: fe-auth.c:565 +#: fe-auth.c:650 msgid "Kerberos 4 authentication not supported\n" msgstr "аутентификация Kerberos 4 не поддерживается\n" -#: fe-auth.c:570 +#: fe-auth.c:655 msgid "Kerberos 5 authentication not supported\n" msgstr "аутентификация Kerberos 5 не поддерживается\n" -#: fe-auth.c:641 +#: fe-auth.c:726 msgid "GSSAPI authentication not supported\n" msgstr "аутентификация через GSSAPI не поддерживается\n" -#: fe-auth.c:673 +#: fe-auth.c:758 msgid "SSPI authentication not supported\n" msgstr "аутентификация через SSPI не поддерживается\n" -#: fe-auth.c:681 +#: fe-auth.c:766 msgid "Crypt authentication not supported\n" msgstr "аутентификация Crypt не поддерживается\n" -#: fe-auth.c:708 +#: fe-auth.c:830 #, c-format msgid "authentication method %u not supported\n" msgstr "метод аутентификации %u не поддерживается\n" -#: fe-auth.c:755 +#: fe-auth.c:877 #, c-format msgid "user name lookup failure: error code %lu\n" msgstr "распознать имя пользователя не удалось (код ошибки: %lu)\n" -#: fe-auth.c:765 fe-connect.c:2018 +#: fe-auth.c:887 fe-connect.c:2253 #, c-format msgid "could not look up local user ID %d: %s\n" msgstr "найти локального пользователя по идентификатору (%d) не удалось: %s\n" -#: fe-auth.c:770 fe-connect.c:2023 +#: fe-auth.c:892 fe-connect.c:2258 #, c-format msgid "local user with ID %d does not exist\n" msgstr "локальный пользователь с ID %d не существует\n" -#: fe-connect.c:846 +#: fe-connect.c:918 +#, c-format +msgid "could not match %d port numbers to %d hosts\n" +msgstr "не удалось сопоставить номера портов (%d) с узлами (%d)\n" + +#: fe-connect.c:970 +msgid "could not get home directory to locate password file\n" +msgstr "не удалось получить домашний каталог для загрузки файла паролей\n" + +#: fe-connect.c:1012 #, c-format msgid "invalid sslmode value: \"%s\"\n" msgstr "неверное значение sslmode: \"%s\"\n" -#: fe-connect.c:867 +#: fe-connect.c:1033 #, c-format msgid "sslmode value \"%s\" invalid when SSL support is not compiled in\n" msgstr "значение sslmode \"%s\" недопустимо для сборки без поддержки SSL\n" -#: fe-connect.c:1104 +#: fe-connect.c:1068 +#, c-format +msgid "invalid target_session_attrs value: \"%s\"\n" +msgstr "неверное значение target_session_attrs: \"%s\"\n" + +#: fe-connect.c:1286 #, c-format msgid "could not set socket to TCP no delay mode: %s\n" msgstr "не удалось перевести сокет в режим TCP-передачи без задержки: %s\n" -#: fe-connect.c:1134 +#: fe-connect.c:1316 #, c-format msgid "" "could not connect to server: %s\n" @@ -143,7 +146,7 @@ msgstr "" "\tОн действительно работает локально и принимает\n" "\tсоединения через доменный сокет \"%s\"?\n" -#: fe-connect.c:1189 +#: fe-connect.c:1371 #, c-format msgid "" "could not connect to server: %s\n" @@ -154,7 +157,7 @@ msgstr "" "\tОн действительно работает по адресу \"%s\" (%s)\n" "\t и принимает TCP-соединения (порт %s)?\n" -#: fe-connect.c:1198 +#: fe-connect.c:1380 #, c-format msgid "" "could not connect to server: %s\n" @@ -165,243 +168,259 @@ msgstr "" "\tОн действительно работает по адресу \"%s\"\n" "\t и принимает TCP-соединения (порт %s)?\n" -#: fe-connect.c:1249 +#: fe-connect.c:1431 #, c-format msgid "setsockopt(TCP_KEEPIDLE) failed: %s\n" msgstr "ошибка в setsockopt(TCP_KEEPIDLE): %s\n" -#: fe-connect.c:1262 +#: fe-connect.c:1444 #, c-format msgid "setsockopt(TCP_KEEPALIVE) failed: %s\n" msgstr "ошибка в setsockopt(TCP_KEEPALIVE): %s\n" -#: fe-connect.c:1294 +#: fe-connect.c:1476 #, c-format msgid "setsockopt(TCP_KEEPINTVL) failed: %s\n" msgstr "ошибка в setsockopt(TCP_KEEPINTVL): %s\n" -#: fe-connect.c:1326 +#: fe-connect.c:1508 #, c-format msgid "setsockopt(TCP_KEEPCNT) failed: %s\n" msgstr "ошибка в setsockopt(TCP_KEEPCNT): %s\n" -#: fe-connect.c:1374 +#: fe-connect.c:1556 #, c-format msgid "WSAIoctl(SIO_KEEPALIVE_VALS) failed: %ui\n" msgstr "ошибка в WSAIoctl(SIO_KEEPALIVE_VALS): %ui\n" -#: fe-connect.c:1426 +#: fe-connect.c:1614 #, c-format msgid "invalid port number: \"%s\"\n" msgstr "неверный номер порта: \"%s\"\n" -#: fe-connect.c:1459 +#: fe-connect.c:1638 #, c-format msgid "Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n" msgstr "длина пути доменного сокета \"%s\" превышает предел (%d байт)\n" -#: fe-connect.c:1478 +#: fe-connect.c:1656 #, c-format msgid "could not translate host name \"%s\" to address: %s\n" msgstr "преобразовать имя \"%s\" в адрес не удалось: %s\n" -#: fe-connect.c:1482 +#: fe-connect.c:1660 #, c-format msgid "could not translate Unix-domain socket path \"%s\" to address: %s\n" msgstr "" "преобразовать путь к доменному сокету UNIX \"%s\" в адрес не удалось: %s\n" -#: fe-connect.c:1687 +#: fe-connect.c:1904 msgid "invalid connection state, probably indicative of memory corruption\n" msgstr "неверное состояние соединения - возможно разрушение памяти\n" -#: fe-connect.c:1727 +#: fe-connect.c:1961 #, c-format msgid "could not create socket: %s\n" msgstr "не удалось создать сокет: %s\n" -#: fe-connect.c:1749 +#: fe-connect.c:1983 #, c-format msgid "could not set socket to nonblocking mode: %s\n" msgstr "не удалось перевести сокет в неблокирующий режим: %s\n" -#: fe-connect.c:1760 +#: fe-connect.c:1994 #, c-format msgid "could not set socket to close-on-exec mode: %s\n" msgstr "" "не удалось перевести сокет в режим закрытия при выполнении (close-on-exec): " "%s\n" -#: fe-connect.c:1779 +#: fe-connect.c:2013 msgid "keepalives parameter must be an integer\n" msgstr "параметр keepalives должен быть целым числом\n" -#: fe-connect.c:1792 +#: fe-connect.c:2026 #, c-format msgid "setsockopt(SO_KEEPALIVE) failed: %s\n" msgstr "ошибка в setsockopt(SO_KEEPALIVE): %s\n" -#: fe-connect.c:1929 +#: fe-connect.c:2163 #, c-format msgid "could not get socket error status: %s\n" msgstr "не удалось получить статус ошибки сокета: %s\n" -#: fe-connect.c:1963 +#: fe-connect.c:2198 #, c-format msgid "could not get client address from socket: %s\n" msgstr "не удалось получить адрес клиента из сокета: %s\n" -#: fe-connect.c:2005 +#: fe-connect.c:2240 msgid "requirepeer parameter is not supported on this platform\n" msgstr "параметр requirepeer не поддерживается в этой ОС\n" -#: fe-connect.c:2008 +#: fe-connect.c:2243 #, c-format msgid "could not get peer credentials: %s\n" msgstr "не удалось получить учётные данные сервера: %s\n" -#: fe-connect.c:2031 +#: fe-connect.c:2266 #, c-format msgid "requirepeer specifies \"%s\", but actual peer user name is \"%s\"\n" msgstr "" "requirepeer допускает подключение только к \"%s\", но сервер работает под " "именем \"%s\"\n" -#: fe-connect.c:2065 +#: fe-connect.c:2300 #, c-format msgid "could not send SSL negotiation packet: %s\n" msgstr "не удалось отправить пакет согласования SSL: %s\n" -#: fe-connect.c:2104 +#: fe-connect.c:2339 #, c-format msgid "could not send startup packet: %s\n" msgstr "не удалось отправить стартовый пакет: %s\n" -#: fe-connect.c:2174 +#: fe-connect.c:2409 msgid "server does not support SSL, but SSL was required\n" msgstr "затребовано подключение через SSL, но сервер не поддерживает SSL\n" -#: fe-connect.c:2200 +#: fe-connect.c:2435 #, c-format msgid "received invalid response to SSL negotiation: %c\n" msgstr "получен неверный ответ на согласование SSL: %c\n" -#: fe-connect.c:2275 fe-connect.c:2308 +#: fe-connect.c:2510 fe-connect.c:2543 #, c-format msgid "expected authentication request from server, but received %c\n" msgstr "ожидался запрос аутентификации от сервера, но получено: %c\n" -#: fe-connect.c:2475 +#: fe-connect.c:2710 #, c-format msgid "out of memory allocating GSSAPI buffer (%d)" msgstr "недостаточно памяти для буфера GSSAPI (%d)" -#: fe-connect.c:2560 +#: fe-connect.c:2748 +#, c-format +msgid "out of memory allocating SASL buffer (%d)" +msgstr "недостаточно памяти для буфера SASL (%d)" + +#: fe-connect.c:2838 msgid "unexpected message from server during startup\n" msgstr "неожиданное сообщение от сервера в начале работы\n" -#: fe-connect.c:2654 +#: fe-connect.c:3042 +#, c-format +msgid "could not make a writable connection to server \"%s:%s\"\n" +msgstr "" +"не удалось установить подключение для чтения/записи к серверу \"%s:%s\"\n" + +#: fe-connect.c:3084 +#, c-format +msgid "test \"show transaction_read_only\" failed on \"%s:%s\" \n" +msgstr "проверка \"show transaction_read_only\" не пройдена на \"%s:%s\" \n" + +#: fe-connect.c:3106 #, c-format msgid "invalid connection state %d, probably indicative of memory corruption\n" msgstr "неверное состояние соединения %d - возможно разрушение памяти\n" -#: fe-connect.c:3090 fe-connect.c:3150 +#: fe-connect.c:3606 fe-connect.c:3666 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_CONNRESET event\n" msgstr "ошибка в PGEventProc \"%s\" при обработке события PGEVT_CONNRESET\n" -#: fe-connect.c:3497 +#: fe-connect.c:4013 #, c-format msgid "invalid LDAP URL \"%s\": scheme must be ldap://\n" msgstr "некорректный адрес LDAP \"%s\": схема должна быть ldap://\n" -#: fe-connect.c:3512 +#: fe-connect.c:4028 #, c-format msgid "invalid LDAP URL \"%s\": missing distinguished name\n" msgstr "некорректный адрес LDAP \"%s\": отсутствует уникальное имя\n" -#: fe-connect.c:3523 fe-connect.c:3576 +#: fe-connect.c:4039 fe-connect.c:4092 #, c-format msgid "invalid LDAP URL \"%s\": must have exactly one attribute\n" msgstr "некорректный адрес LDAP \"%s\": должен быть только один атрибут\n" -#: fe-connect.c:3533 fe-connect.c:3590 +#: fe-connect.c:4049 fe-connect.c:4106 #, c-format msgid "invalid LDAP URL \"%s\": must have search scope (base/one/sub)\n" msgstr "" "некорректный адрес LDAP \"%s\": не указана область поиска (base/one/sub)\n" -#: fe-connect.c:3544 +#: fe-connect.c:4060 #, c-format msgid "invalid LDAP URL \"%s\": no filter\n" msgstr "некорректный адрес LDAP \"%s\": нет фильтра\n" -#: fe-connect.c:3565 +#: fe-connect.c:4081 #, c-format msgid "invalid LDAP URL \"%s\": invalid port number\n" msgstr "некорректный адрес LDAP \"%s\": неверный номер порта\n" -#: fe-connect.c:3599 +#: fe-connect.c:4115 msgid "could not create LDAP structure\n" msgstr "не удалось создать структуру LDAP\n" -#: fe-connect.c:3675 +#: fe-connect.c:4191 #, c-format msgid "lookup on LDAP server failed: %s\n" msgstr "ошибка поиска на сервере LDAP: %s\n" -#: fe-connect.c:3686 +#: fe-connect.c:4202 msgid "more than one entry found on LDAP lookup\n" msgstr "при поиске LDAP найдено более одного вхождения\n" -#: fe-connect.c:3687 fe-connect.c:3699 +#: fe-connect.c:4203 fe-connect.c:4215 msgid "no entry found on LDAP lookup\n" msgstr "при поиске LDAP ничего не найдено\n" -#: fe-connect.c:3710 fe-connect.c:3723 +#: fe-connect.c:4226 fe-connect.c:4239 msgid "attribute has no values on LDAP lookup\n" msgstr "атрибут не содержит значений при поиске LDAP\n" -#: fe-connect.c:3775 fe-connect.c:3794 fe-connect.c:4313 +#: fe-connect.c:4291 fe-connect.c:4310 fe-connect.c:4829 #, c-format msgid "missing \"=\" after \"%s\" in connection info string\n" msgstr "в строке соединения нет \"=\" после \"%s\"\n" -#: fe-connect.c:3867 fe-connect.c:4494 fe-connect.c:5208 +#: fe-connect.c:4383 fe-connect.c:5014 fe-connect.c:5764 #, c-format msgid "invalid connection option \"%s\"\n" msgstr "неверный параметр соединения \"%s\"\n" -#: fe-connect.c:3883 fe-connect.c:4362 +#: fe-connect.c:4399 fe-connect.c:4878 msgid "unterminated quoted string in connection info string\n" msgstr "в строке соединения не хватает закрывающей кавычки\n" -#: fe-connect.c:3923 +#: fe-connect.c:4439 msgid "could not get home directory to locate service definition file" msgstr "" "не удалось получить домашний каталог для загрузки файла определений служб" -#: fe-connect.c:3956 +#: fe-connect.c:4472 #, c-format msgid "definition of service \"%s\" not found\n" msgstr "определение службы \"%s\" не найдено\n" -#: fe-connect.c:3979 +#: fe-connect.c:4495 #, c-format msgid "service file \"%s\" not found\n" msgstr "файл определений служб \"%s\" не найден\n" -#: fe-connect.c:3992 +#: fe-connect.c:4508 #, c-format msgid "line %d too long in service file \"%s\"\n" msgstr "слишком длинная строка (%d) в файле определений служб \"%s\"\n" -#: fe-connect.c:4063 fe-connect.c:4107 +#: fe-connect.c:4579 fe-connect.c:4623 #, c-format msgid "syntax error in service file \"%s\", line %d\n" msgstr "синтаксическая ошибка в файле определения служб \"%s\" (строка %d)\n" -#: fe-connect.c:4074 +#: fe-connect.c:4590 #, c-format msgid "" "nested service specifications not supported in service file \"%s\", line %d\n" @@ -409,24 +428,24 @@ msgstr "" "рекурсивные определения служб не поддерживаются (файл определения служб \"%s" "\", строка %d)\n" -#: fe-connect.c:4752 +#: fe-connect.c:5286 #, c-format msgid "invalid URI propagated to internal parser routine: \"%s\"\n" msgstr "во внутреннюю процедуру разбора строки передан ошибочный URI: \"%s\"\n" -#: fe-connect.c:4822 +#: fe-connect.c:5363 #, c-format msgid "" "end of string reached when looking for matching \"]\" in IPv6 host address " "in URI: \"%s\"\n" msgstr "URI не содержит символ \"]\" после адреса IPv6: \"%s\"\n" -#: fe-connect.c:4829 +#: fe-connect.c:5370 #, c-format msgid "IPv6 host address may not be empty in URI: \"%s\"\n" msgstr "IPv6, содержащийся в URI, не может быть пустым: \"%s\"\n" -#: fe-connect.c:4844 +#: fe-connect.c:5385 #, c-format msgid "" "unexpected character \"%c\" at position %d in URI (expected \":\" or \"/\"): " @@ -435,41 +454,41 @@ msgstr "" "неожиданный символ \"%c\" в позиции %d в URI (ожидалось \":\" или \"/\"): " "\"%s\"\n" -#: fe-connect.c:4958 +#: fe-connect.c:5514 #, c-format msgid "extra key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "лишний разделитель ключа/значения \"=\" в параметрах URI: \"%s\"\n" -#: fe-connect.c:4978 +#: fe-connect.c:5534 #, c-format msgid "missing key/value separator \"=\" in URI query parameter: \"%s\"\n" msgstr "в параметрах URI не хватает разделителя ключа/значения \"=\": \"%s\"\n" -#: fe-connect.c:5029 +#: fe-connect.c:5585 #, c-format msgid "invalid URI query parameter: \"%s\"\n" msgstr "неверный параметр в URI: \"%s\"\n" -#: fe-connect.c:5103 +#: fe-connect.c:5659 #, c-format msgid "invalid percent-encoded token: \"%s\"\n" msgstr "неверный символ, закодированный с %%: \"%s\"\n" -#: fe-connect.c:5113 +#: fe-connect.c:5669 #, c-format msgid "forbidden value %%00 in percent-encoded value: \"%s\"\n" msgstr "недопустимое значение %%00 для символа, закодированного с %%: \"%s\"\n" -#: fe-connect.c:5447 +#: fe-connect.c:6014 msgid "connection pointer is NULL\n" msgstr "нулевой указатель соединения\n" -#: fe-connect.c:5745 +#: fe-connect.c:6312 #, c-format msgid "WARNING: password file \"%s\" is not a plain file\n" msgstr "ПРЕДУПРЕЖДЕНИЕ: файл паролей \"%s\" - не обычный файл\n" -#: fe-connect.c:5754 +#: fe-connect.c:6321 #, c-format msgid "" "WARNING: password file \"%s\" has group or world access; permissions should " @@ -478,7 +497,7 @@ msgstr "" "ПРЕДУПРЕЖДЕНИЕ: к файлу паролей \"%s\" имеют доступ все или группа; права " "должны быть u=rw (0600) или более ограниченные\n" -#: fe-connect.c:5860 +#: fe-connect.c:6413 #, c-format msgid "password retrieved from file \"%s\"\n" msgstr "пароль получен из файла \"%s\"\n" @@ -487,98 +506,98 @@ msgstr "пароль получен из файла \"%s\"\n" msgid "NOTICE" msgstr "ЗАМЕЧАНИЕ" -#: fe-exec.c:1123 fe-exec.c:1181 fe-exec.c:1227 +#: fe-exec.c:1141 fe-exec.c:1199 fe-exec.c:1245 msgid "command string is a null pointer\n" msgstr "указатель на командную строку нулевой\n" -#: fe-exec.c:1187 fe-exec.c:1233 fe-exec.c:1328 +#: fe-exec.c:1205 fe-exec.c:1251 fe-exec.c:1346 msgid "number of parameters must be between 0 and 65535\n" msgstr "число параметров должно быть от 0 до 65535\n" -#: fe-exec.c:1221 fe-exec.c:1322 +#: fe-exec.c:1239 fe-exec.c:1340 msgid "statement name is a null pointer\n" msgstr "указатель на имя оператора нулевой\n" -#: fe-exec.c:1241 fe-exec.c:1405 fe-exec.c:2123 fe-exec.c:2322 +#: fe-exec.c:1259 fe-exec.c:1422 fe-exec.c:2140 fe-exec.c:2339 msgid "function requires at least protocol version 3.0\n" msgstr "функция требует протокол минимум версии 3.0\n" -#: fe-exec.c:1359 +#: fe-exec.c:1377 msgid "no connection to the server\n" msgstr "нет соединения с сервером\n" -#: fe-exec.c:1366 +#: fe-exec.c:1384 msgid "another command is already in progress\n" msgstr "уже выполняется другая команда\n" -#: fe-exec.c:1481 +#: fe-exec.c:1498 msgid "length must be given for binary parameter\n" msgstr "для двоичного параметра должна быть указана длина\n" -#: fe-exec.c:1753 +#: fe-exec.c:1770 #, c-format msgid "unexpected asyncStatus: %d\n" msgstr "неожиданный asyncStatus: %d\n" -#: fe-exec.c:1773 +#: fe-exec.c:1790 #, c-format msgid "PGEventProc \"%s\" failed during PGEVT_RESULTCREATE event\n" msgstr "ошибка в PGEventProc \"%s\" при обработке события PGEVT_RESULTCREATE\n" -#: fe-exec.c:1933 +#: fe-exec.c:1950 msgid "COPY terminated by new PQexec" msgstr "операция COPY прервана вызовом PQexec" -#: fe-exec.c:1941 +#: fe-exec.c:1958 msgid "COPY IN state must be terminated first\n" msgstr "сначала должно завершиться состояние COPY IN\n" -#: fe-exec.c:1961 +#: fe-exec.c:1978 msgid "COPY OUT state must be terminated first\n" msgstr "сначала должно завершиться состояние COPY OUT\n" -#: fe-exec.c:1969 +#: fe-exec.c:1986 msgid "PQexec not allowed during COPY BOTH\n" msgstr "вызов PQexec не допускается в процессе COPY BOTH\n" -#: fe-exec.c:2212 fe-exec.c:2279 fe-exec.c:2369 fe-protocol2.c:1352 +#: fe-exec.c:2229 fe-exec.c:2296 fe-exec.c:2386 fe-protocol2.c:1352 #: fe-protocol3.c:1817 msgid "no COPY in progress\n" msgstr "операция COPY не выполняется\n" -#: fe-exec.c:2559 +#: fe-exec.c:2576 msgid "connection in wrong state\n" msgstr "соединение в неправильном состоянии\n" -#: fe-exec.c:2590 +#: fe-exec.c:2607 msgid "invalid ExecStatusType code" msgstr "неверный код ExecStatusType" -#: fe-exec.c:2617 +#: fe-exec.c:2634 msgid "PGresult is not an error result\n" msgstr "В PGresult не передан результат ошибки\n" -#: fe-exec.c:2692 fe-exec.c:2715 +#: fe-exec.c:2709 fe-exec.c:2732 #, c-format msgid "column number %d is out of range 0..%d" msgstr "номер столбца %d вне диапазона 0..%d" -#: fe-exec.c:2708 +#: fe-exec.c:2725 #, c-format msgid "row number %d is out of range 0..%d" msgstr "номер записи %d вне диапазона 0..%d" -#: fe-exec.c:2730 +#: fe-exec.c:2747 #, c-format msgid "parameter number %d is out of range 0..%d" msgstr "номер параметра %d вне диапазона 0..%d" -#: fe-exec.c:3040 +#: fe-exec.c:3057 #, c-format msgid "could not interpret result from server: %s" msgstr "не удалось интерпретировать ответ сервера: %s" -#: fe-exec.c:3279 fe-exec.c:3363 +#: fe-exec.c:3296 fe-exec.c:3380 msgid "incomplete multibyte character\n" msgstr "неполный многобайтный символ\n" @@ -679,7 +698,7 @@ msgstr "функция pqPutInt не поддерживает integer разме msgid "connection not open\n" msgstr "соединение не открыто\n" -#: fe-misc.c:812 fe-secure-openssl.c:270 fe-secure-openssl.c:379 +#: fe-misc.c:812 fe-secure-openssl.c:229 fe-secure-openssl.c:338 #: fe-secure.c:253 fe-secure.c:362 msgid "" "server closed the connection unexpectedly\n" @@ -892,102 +911,128 @@ msgstr "СТРОКА %d: " msgid "PQgetline: not doing text COPY OUT\n" msgstr "PQgetline можно вызывать только во время COPY OUT с текстом\n" -#: fe-secure-openssl.c:146 fe-secure-openssl.c:1030 fe-secure-openssl.c:1250 -#, c-format -msgid "could not acquire mutex: %s\n" -msgstr "не удалось заблокировать семафор: %s\n" - -#: fe-secure-openssl.c:158 -#, c-format -msgid "could not establish SSL connection: %s\n" -msgstr "не удалось установить SSL-соединение: %s\n" - -#: fe-secure-openssl.c:275 fe-secure-openssl.c:384 fe-secure-openssl.c:1376 +#: fe-secure-openssl.c:234 fe-secure-openssl.c:343 fe-secure-openssl.c:1321 #, c-format msgid "SSL SYSCALL error: %s\n" msgstr "ошибка SSL SYSCALL: %s\n" -#: fe-secure-openssl.c:282 fe-secure-openssl.c:391 fe-secure-openssl.c:1380 +#: fe-secure-openssl.c:241 fe-secure-openssl.c:350 fe-secure-openssl.c:1325 msgid "SSL SYSCALL error: EOF detected\n" msgstr "ошибка SSL SYSCALL: конец файла (EOF)\n" -#: fe-secure-openssl.c:293 fe-secure-openssl.c:402 fe-secure-openssl.c:1389 +#: fe-secure-openssl.c:252 fe-secure-openssl.c:361 fe-secure-openssl.c:1334 #, c-format msgid "SSL error: %s\n" msgstr "ошибка SSL: %s\n" -#: fe-secure-openssl.c:308 fe-secure-openssl.c:417 +#: fe-secure-openssl.c:267 fe-secure-openssl.c:376 msgid "SSL connection has been closed unexpectedly\n" msgstr "SSL-соединение было неожиданно закрыто\n" -#: fe-secure-openssl.c:314 fe-secure-openssl.c:423 fe-secure-openssl.c:1398 +#: fe-secure-openssl.c:273 fe-secure-openssl.c:382 fe-secure-openssl.c:1343 #, c-format msgid "unrecognized SSL error code: %d\n" msgstr "нераспознанный код ошибки SSL: %d\n" -#: fe-secure-openssl.c:535 +#: fe-secure-openssl.c:494 msgid "SSL certificate's name entry is missing\n" msgstr "запись имени в SSL-сертификате отсутствует\n" -#: fe-secure-openssl.c:565 +#: fe-secure-openssl.c:528 msgid "SSL certificate's name contains embedded null\n" msgstr "имя в SSL-сертификате включает нулевой байт\n" -#: fe-secure-openssl.c:616 +#: fe-secure-openssl.c:580 msgid "host name must be specified for a verified SSL connection\n" msgstr "для проверенного SSL-соединения требуется указать имя узла\n" -#: fe-secure-openssl.c:716 +#: fe-secure-openssl.c:680 #, c-format msgid "server certificate for \"%s\" does not match host name \"%s\"\n" msgstr "" "серверный сертификат для \"%s\" не соответствует имени сервера \"%s\"\n" -#: fe-secure-openssl.c:722 +#: fe-secure-openssl.c:686 msgid "could not get server's host name from server certificate\n" msgstr "не удалось получить имя сервера из сертификата\n" -#: fe-secure-openssl.c:869 +#: fe-secure-openssl.c:928 #, c-format msgid "could not create SSL context: %s\n" msgstr "не удалось создать контекст SSL: %s\n" -#: fe-secure-openssl.c:1000 +#: fe-secure-openssl.c:965 +#, c-format +msgid "could not read root certificate file \"%s\": %s\n" +msgstr "не удалось прочитать файл корневых сертификатов \"%s\": %s\n" + +#: fe-secure-openssl.c:993 +#, c-format +msgid "SSL library does not support CRL certificates (file \"%s\")\n" +msgstr "Библиотека SSL не поддерживает проверку CRL (файл \"%s\")\n" + +#: fe-secure-openssl.c:1021 +msgid "" +"could not get home directory to locate root certificate file\n" +"Either provide the file or change sslmode to disable server certificate " +"verification.\n" +msgstr "" +"не удалось получить домашний каталог для поиска файла корневых сертификатов\n" +"Укажите полный путь к файлу или отключите проверку сертификата сервера, " +"изменив sslmode.\n" + +#: fe-secure-openssl.c:1025 +#, c-format +msgid "" +"root certificate file \"%s\" does not exist\n" +"Either provide the file or change sslmode to disable server certificate " +"verification.\n" +msgstr "" +"файл корневых сертификатов \"%s\" не существует\n" +"Укажите полный путь к файлу или отключите проверку сертификата сервера, " +"изменив sslmode.\n" + +#: fe-secure-openssl.c:1056 #, c-format msgid "could not open certificate file \"%s\": %s\n" msgstr "не удалось открыть файл сертификата \"%s\": %s\n" -#: fe-secure-openssl.c:1039 fe-secure-openssl.c:1054 +#: fe-secure-openssl.c:1075 #, c-format msgid "could not read certificate file \"%s\": %s\n" msgstr "не удалось прочитать файл сертификата \"%s\": %s\n" -#: fe-secure-openssl.c:1109 +#: fe-secure-openssl.c:1099 +#, c-format +msgid "could not establish SSL connection: %s\n" +msgstr "не удалось установить SSL-соединение: %s\n" + +#: fe-secure-openssl.c:1153 #, c-format msgid "could not load SSL engine \"%s\": %s\n" msgstr "не удалось загрузить модуль SSL ENGINE \"%s\": %s\n" -#: fe-secure-openssl.c:1121 +#: fe-secure-openssl.c:1165 #, c-format msgid "could not initialize SSL engine \"%s\": %s\n" msgstr "не удалось инициализировать модуль SSL ENGINE \"%s\": %s\n" -#: fe-secure-openssl.c:1137 +#: fe-secure-openssl.c:1181 #, c-format msgid "could not read private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "не удалось прочитать закрытый ключ SSL \"%s\" из модуля \"%s\": %s\n" -#: fe-secure-openssl.c:1151 +#: fe-secure-openssl.c:1195 #, c-format msgid "could not load private SSL key \"%s\" from engine \"%s\": %s\n" msgstr "не удалось загрузить закрытый ключ SSL \"%s\" из модуля \"%s\": %s\n" -#: fe-secure-openssl.c:1188 +#: fe-secure-openssl.c:1232 #, c-format msgid "certificate present, but not private key file \"%s\"\n" msgstr "сертификат присутствует, но файла закрытого ключа \"%s\" нет\n" -#: fe-secure-openssl.c:1196 +#: fe-secure-openssl.c:1240 #, c-format msgid "" "private key file \"%s\" has group or world access; permissions should be " @@ -996,58 +1041,27 @@ msgstr "" "к файлу закрытого ключа \"%s\" имеют доступ все или группа; права должны " "быть u=rw (0600) или более ограниченные\n" -#: fe-secure-openssl.c:1207 +#: fe-secure-openssl.c:1251 #, c-format msgid "could not load private key file \"%s\": %s\n" msgstr "не удалось загрузить файл закрытого ключа \"%s\": %s\n" -#: fe-secure-openssl.c:1221 +#: fe-secure-openssl.c:1265 #, c-format msgid "certificate does not match private key file \"%s\": %s\n" msgstr "сертификат не соответствует файлу закрытого ключа \"%s\": %s\n" -#: fe-secure-openssl.c:1259 -#, c-format -msgid "could not read root certificate file \"%s\": %s\n" -msgstr "не удалось прочитать файл корневых сертификатов \"%s\": %s\n" - -#: fe-secure-openssl.c:1289 -#, c-format -msgid "SSL library does not support CRL certificates (file \"%s\")\n" -msgstr "Библиотека SSL не поддерживает проверку CRL (файл \"%s\")\n" - -#: fe-secure-openssl.c:1322 -msgid "" -"could not get home directory to locate root certificate file\n" -"Either provide the file or change sslmode to disable server certificate " -"verification.\n" -msgstr "" -"не удалось получить домашний каталог для поиска файла корневых сертификатов\n" -"Укажите полный путь к файлу или отключите проверку сертификата сервера, " -"изменив sslmode.\n" - -#: fe-secure-openssl.c:1326 -#, c-format -msgid "" -"root certificate file \"%s\" does not exist\n" -"Either provide the file or change sslmode to disable server certificate " -"verification.\n" -msgstr "" -"файл корневых сертификатов \"%s\" не существует\n" -"Укажите полный путь к файлу или отключите проверку сертификата сервера, " -"изменив sslmode.\n" - -#: fe-secure-openssl.c:1419 +#: fe-secure-openssl.c:1364 #, c-format msgid "certificate could not be obtained: %s\n" msgstr "не удалось получить сертификат: %s\n" -#: fe-secure-openssl.c:1511 +#: fe-secure-openssl.c:1456 #, c-format msgid "no SSL error reported" msgstr "нет сообщения об ошибке SSL" -#: fe-secure-openssl.c:1520 +#: fe-secure-openssl.c:1465 #, c-format msgid "SSL error code %lu" msgstr "код ошибки SSL: %lu" @@ -1067,6 +1081,9 @@ msgstr "не удалось передать данные серверу: %s\n" msgid "unrecognized socket error: 0x%08X/%d" msgstr "нераспознанная ошибка сокета: 0x%08X/%d" +#~ msgid "could not acquire mutex: %s\n" +#~ msgstr "не удалось заблокировать семафор: %s\n" + #~ msgid "socket not open\n" #~ msgstr "сокет не открыт\n" diff --git a/src/interfaces/libpq/po/zh_CN.po b/src/interfaces/libpq/po/zh_CN.po index ec2268ba24..189c3106ca 100644 --- a/src/interfaces/libpq/po/zh_CN.po +++ b/src/interfaces/libpq/po/zh_CN.po @@ -6,7 +6,7 @@ msgstr "" "Project-Id-Version: libpq (PostgreSQL 9.0)\n" "Report-Msgid-Bugs-To: pgsql-bugs@postgresql.org\n" "POT-Creation-Date: 2016-04-18 04:38+0000\n" -"PO-Revision-Date: 2016-05-19 20:39+0800\n" +"PO-Revision-Date: 2016-09-26 10:11-0400\n" "Last-Translator: Yuwei Peng <ywpeng@whu.edu.cn>\n" "Language-Team: Chinese (Simplified) <ywpeng@whu.edu.cn>\n" "Language: zh_CN\n" @@ -698,13 +698,13 @@ msgstr "无法判断函数 lowrite 的 OID\n" #: fe-misc.c:295 #, c-format msgid "integer of size %lu not supported by pqGetInt" -msgstr "pgGetInt 不支持大小为 %lu 的整数" +msgstr "pqGetInt 不支持大小为 %lu 的整数" # fe-misc.c:341 #: fe-misc.c:331 #, c-format msgid "integer of size %lu not supported by pqPutInt" -msgstr "pgPutInt 不支持大小为 %lu 的整数" +msgstr "pqPutInt 不支持大小为 %lu 的整数" # fe-misc.c:450 fe-misc.c:642 fe-misc.c:798 #: fe-misc.c:642 fe-misc.c:843 diff --git a/src/interfaces/libpq/pqexpbuffer.c b/src/interfaces/libpq/pqexpbuffer.c index 8d82d5c3ae..fd62cde99f 100644 --- a/src/interfaces/libpq/pqexpbuffer.c +++ b/src/interfaces/libpq/pqexpbuffer.c @@ -15,7 +15,7 @@ * a usable vsnprintf(), then a copy of our own implementation of it will * be linked into libpq. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/pqexpbuffer.c diff --git a/src/interfaces/libpq/pqexpbuffer.h b/src/interfaces/libpq/pqexpbuffer.h index ce87cd5b1e..239def42b7 100644 --- a/src/interfaces/libpq/pqexpbuffer.h +++ b/src/interfaces/libpq/pqexpbuffer.h @@ -15,7 +15,7 @@ * a usable vsnprintf(), then a copy of our own implementation of it will * be linked into libpq. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/interfaces/libpq/pqexpbuffer.h diff --git a/src/interfaces/libpq/pthread-win32.c b/src/interfaces/libpq/pthread-win32.c index 68dfefc3b9..0e0d3eeb88 100644 --- a/src/interfaces/libpq/pthread-win32.c +++ b/src/interfaces/libpq/pthread-win32.c @@ -3,7 +3,7 @@ * pthread-win32.c * partial pthread implementation for win32 * -* Copyright (c) 2004-2016, PostgreSQL Global Development Group +* Copyright (c) 2004-2017, PostgreSQL Global Development Group * IDENTIFICATION * src/interfaces/libpq/pthread-win32.c * @@ -12,7 +12,6 @@ #include "postgres_fe.h" -#include <windows.h> #include "pthread-win32.h" DWORD diff --git a/src/interfaces/libpq/test/.gitignore b/src/interfaces/libpq/test/.gitignore new file mode 100644 index 0000000000..5387b3b6d9 --- /dev/null +++ b/src/interfaces/libpq/test/.gitignore @@ -0,0 +1,3 @@ +/uri-regress +/regress.diff +/regress.out diff --git a/src/interfaces/libpq/test/Makefile b/src/interfaces/libpq/test/Makefile index ab41dc33a6..01041fb15f 100644 --- a/src/interfaces/libpq/test/Makefile +++ b/src/interfaces/libpq/test/Makefile @@ -18,5 +18,5 @@ installcheck: all $(PERL) $(top_srcdir)/$(subdir)/regress.pl clean distclean maintainer-clean: - rm -f $(PROGS) + rm -f $(PROGS) *.o rm -f regress.out regress.diff diff --git a/src/interfaces/libpq/test/regress.pl b/src/interfaces/libpq/test/regress.pl index 1dab12282b..3ad638a91b 100644 --- a/src/interfaces/libpq/test/regress.pl +++ b/src/interfaces/libpq/test/regress.pl @@ -14,19 +14,19 @@ my $expected_out = "$srcdir/$subdir/expected.out"; my $regress_out = "regress.out"; # open input file first, so possible error isn't sent to redirected STDERR -open(REGRESS_IN, "<", $regress_in) +open(my $regress_in_fh, "<", $regress_in) or die "can't open $regress_in for reading: $!"; # save STDOUT/ERR and redirect both to regress.out -open(OLDOUT, ">&", \*STDOUT) or die "can't dup STDOUT: $!"; -open(OLDERR, ">&", \*STDERR) or die "can't dup STDERR: $!"; +open(my $oldout_fh, ">&", \*STDOUT) or die "can't dup STDOUT: $!"; +open(my $olderr_fh, ">&", \*STDERR) or die "can't dup STDERR: $!"; open(STDOUT, ">", $regress_out) or die "can't open $regress_out for writing: $!"; open(STDERR, ">&", \*STDOUT) or die "can't dup STDOUT: $!"; # read lines from regress.in and run uri-regress on them -while (<REGRESS_IN>) +while (<$regress_in_fh>) { chomp; print "trying $_\n"; @@ -35,11 +35,12 @@ while (<REGRESS_IN>) } # restore STDOUT/ERR so we can print the outcome to the user -open(STDERR, ">&", \*OLDERR) or die; # can't complain as STDERR is still duped -open(STDOUT, ">&", \*OLDOUT) or die "can't restore STDOUT: $!"; +open(STDERR, ">&", $olderr_fh) + or die; # can't complain as STDERR is still duped +open(STDOUT, ">&", $oldout_fh) or die "can't restore STDOUT: $!"; # just in case -close REGRESS_IN; +close $regress_in_fh; my $diff_status = system( "diff -c \"$srcdir/$subdir/expected.out\" regress.out >regress.diff"); diff --git a/src/interfaces/libpq/test/uri-regress.c b/src/interfaces/libpq/test/uri-regress.c index bf1d9704c3..fac849bab2 100644 --- a/src/interfaces/libpq/test/uri-regress.c +++ b/src/interfaces/libpq/test/uri-regress.c @@ -7,7 +7,7 @@ * prints out the values from the parsed PQconninfoOption struct that differ * from the defaults (obtained from PQconndefaults). * - * Portions Copyright (c) 2012-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 2012-2017, PostgreSQL Global Development Group * * IDENTIFICATION * src/interfaces/libpq/test/uri-regress.c diff --git a/src/interfaces/libpq/win32.c b/src/interfaces/libpq/win32.c index 06a39211e9..f99f9a8cdb 100644 --- a/src/interfaces/libpq/win32.c +++ b/src/interfaces/libpq/win32.c @@ -15,7 +15,7 @@ * The error constants are taken from the Frambak Bakfram LGSOCKET * library guys who in turn took them from the Winsock FAQ. * - * Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group + * Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * */ @@ -32,7 +32,7 @@ #include "win32.h" -/* Declared here to avoid pulling in all includes, which causes name collissions */ +/* Declared here to avoid pulling in all includes, which causes name collisions */ #ifdef ENABLE_NLS extern char *libpq_gettext(const char *msgid) pg_attribute_format_arg(1); #else diff --git a/src/interfaces/libpq/win32.h b/src/interfaces/libpq/win32.h index be00ea73cb..c42d7abfe3 100644 --- a/src/interfaces/libpq/win32.h +++ b/src/interfaces/libpq/win32.h @@ -7,17 +7,11 @@ /* * Some compatibility functions */ -#ifdef __BORLANDC__ -#define _timeb timeb -#define _ftime(a) ftime(a) -#define _errno errno -#define popen(a,b) _popen(a,b) -#else + /* open provided elsewhere */ #define close(a) _close(a) #define read(a,b,c) _read(a,b,c) #define write(a,b,c) _write(a,b,c) -#endif #undef EAGAIN /* doesn't apply on sockets */ #undef EINTR diff --git a/src/interfaces/libpq/win32.mak b/src/interfaces/libpq/win32.mak deleted file mode 100644 index 268991e784..0000000000 --- a/src/interfaces/libpq/win32.mak +++ /dev/null @@ -1,366 +0,0 @@ -# Makefile for Microsoft Visual C++ 7.1-8.0 - -# Will build a static library libpq(d).lib -# and a dynamic library libpq(d).dll with import library libpq(d)dll.lib -# USE_OPENSSL=1 will compile with OpenSSL -# USE_KFW=1 will compile with kfw(kerberos for Windows) -# DEBUG=1 compiles with debugging symbols -# ENABLE_THREAD_SAFETY=1 compiles with threading enabled - -ENABLE_THREAD_SAFETY=1 - -# CPU="i386" or CPU environment of nmake.exe (AMD64 or IA64) - -!IF ("$(CPU)" == "")||("$(CPU)" == "i386") -CPU=i386 -!MESSAGE Building the Win32 static library... -!MESSAGE -!ELSEIF ("$(CPU)" == "IA64")||("$(CPU)" == "AMD64") -ADD_DEFINES=/Wp64 /GS -ADD_SECLIB=bufferoverflowU.lib -!MESSAGE Building the Win64 static library... -!MESSAGE -!ELSE -!MESSAGE Please check a CPU=$(CPU) ? -!MESSAGE CPU=i386 or AMD64 or IA64 -!ERROR Make aborted. -!ENDIF - -!IFDEF DEBUG -OPT=/Od /Zi /MDd -LOPT=/DEBUG -DEBUGDEF=/D _DEBUG -OUTFILENAME=libpqd -!ELSE -OPT=/O2 /MD -LOPT= -DEBUGDEF=/D NDEBUG -OUTFILENAME=libpq -!ENDIF - -!IF "$(SSL_INC)" == "" -SSL_INC=C:\OpenSSL\include -!MESSAGE Using default OpenSSL Include directory: $(SSL_INC) -!ENDIF - -!IF "$(SSL_LIB_PATH)" == "" -SSL_LIB_PATH=C:\OpenSSL\lib\VC -!MESSAGE Using default OpenSSL Library directory: $(SSL_LIB_PATH) -!ENDIF - -!IF "$(KFW_INC)" == "" -KFW_INC=C:\kfw-2.6.5\inc -!MESSAGE Using default Kerberos Include directory: $(KFW_INC) -!ENDIF - -!IF "$(KFW_LIB_PATH)" == "" -KFW_LIB_PATH=C:\kfw-2.6.5\lib\$(CPU) -!MESSAGE Using default Kerberos Library directory: $(KFW_LIB_PATH) -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -CPP=cl.exe -RSC=rc.exe - -!IFDEF DEBUG -OUTDIR=.\Debug -INTDIR=.\Debug -CPP_OBJS=.\Debug/ -!ELSE -OUTDIR=.\Release -INTDIR=.\Release -CPP_OBJS=.\Release/ -!ENDIF - - -ALL : config "$(OUTDIR)\$(OUTFILENAME).lib" "$(OUTDIR)\$(OUTFILENAME).dll" - -CLEAN : - -@erase "$(INTDIR)\getaddrinfo.obj" - -@erase "$(INTDIR)\pgstrcasecmp.obj" - -@erase "$(INTDIR)\pqsignal.obj" - -@erase "$(INTDIR)\thread.obj" - -@erase "$(INTDIR)\inet_aton.obj" - -@erase "$(INTDIR)\crypt.obj" - -@erase "$(INTDIR)\noblock.obj" - -@erase "$(INTDIR)\chklocale.obj" - -@erase "$(INTDIR)\inet_net_ntop.obj" - -@erase "$(INTDIR)\md5.obj" - -@erase "$(INTDIR)\ip.obj" - -@erase "$(INTDIR)\fe-auth.obj" - -@erase "$(INTDIR)\fe-protocol2.obj" - -@erase "$(INTDIR)\fe-protocol3.obj" - -@erase "$(INTDIR)\fe-connect.obj" - -@erase "$(INTDIR)\fe-exec.obj" - -@erase "$(INTDIR)\fe-lobj.obj" - -@erase "$(INTDIR)\fe-misc.obj" - -@erase "$(INTDIR)\fe-print.obj" - -@erase "$(INTDIR)\fe-secure.obj" - -@erase "$(INTDIR)\libpq-events.obj" - -@erase "$(INTDIR)\pqexpbuffer.obj" - -@erase "$(INTDIR)\win32.obj" - -@erase "$(INTDIR)\wchar.obj" - -@erase "$(INTDIR)\encnames.obj" - -@erase "$(INTDIR)\pthread-win32.obj" - -@erase "$(INTDIR)\snprintf.obj" - -@erase "$(INTDIR)\strlcpy.obj" - -@erase "$(INTDIR)\dirent.obj" - -@erase "$(INTDIR)\dirmod.obj" - -@erase "$(INTDIR)\pgsleep.obj" - -@erase "$(INTDIR)\open.obj" - -@erase "$(INTDIR)\system.obj" - -@erase "$(INTDIR)\win32error.obj" - -@erase "$(INTDIR)\win32setlocale.obj" - -@erase "$(OUTDIR)\$(OUTFILENAME).lib" - -@erase "$(OUTDIR)\$(OUTFILENAME)dll.lib" - -@erase "$(OUTDIR)\libpq.res" - -@erase "$(OUTDIR)\$(OUTFILENAME).dll" - -@erase "$(OUTDIR)\$(OUTFILENAME)dll.exp" - -@erase "$(OUTDIR)\$(OUTFILENAME).dll.manifest" - -@erase "$(OUTDIR)\*.idb" - -@erase pg_config_paths.h" -!IFDEF USE_OPENSSL - -@erase "$(INTDIR)\fe-secure-openssl.obj" -!ENDIF - - -LIB32=link.exe -lib -LIB32_FLAGS=$(LOPT) /nologo /out:"$(OUTDIR)\$(OUTFILENAME).lib" -LIB32_OBJS= \ - "$(INTDIR)\win32.obj" \ - "$(INTDIR)\getaddrinfo.obj" \ - "$(INTDIR)\pgstrcasecmp.obj" \ - "$(INTDIR)\pqsignal.obj" \ - "$(INTDIR)\thread.obj" \ - "$(INTDIR)\inet_aton.obj" \ - "$(INTDIR)\crypt.obj" \ - "$(INTDIR)\noblock.obj" \ - "$(INTDIR)\chklocale.obj" \ - "$(INTDIR)\inet_net_ntop.obj" \ - "$(INTDIR)\md5.obj" \ - "$(INTDIR)\ip.obj" \ - "$(INTDIR)\fe-auth.obj" \ - "$(INTDIR)\fe-protocol2.obj" \ - "$(INTDIR)\fe-protocol3.obj" \ - "$(INTDIR)\fe-connect.obj" \ - "$(INTDIR)\fe-exec.obj" \ - "$(INTDIR)\fe-lobj.obj" \ - "$(INTDIR)\fe-misc.obj" \ - "$(INTDIR)\fe-print.obj" \ - "$(INTDIR)\fe-secure.obj" \ - "$(INTDIR)\libpq-events.obj" \ - "$(INTDIR)\pqexpbuffer.obj" \ - "$(INTDIR)\wchar.obj" \ - "$(INTDIR)\encnames.obj" \ - "$(INTDIR)\snprintf.obj" \ - "$(INTDIR)\strlcpy.obj" \ - "$(INTDIR)\dirent.obj" \ - "$(INTDIR)\dirmod.obj" \ - "$(INTDIR)\pgsleep.obj" \ - "$(INTDIR)\open.obj" \ - "$(INTDIR)\system.obj" \ - "$(INTDIR)\win32error.obj" \ - "$(INTDIR)\win32setlocale.obj" \ - "$(INTDIR)\pthread-win32.obj" - -!IFDEF USE_OPENSSL -LIB32_OBJS=$(LIB32_OBJS) "$(INTDIR)\fe-secure-openssl.obj" -!ENDIF - - -config: ..\..\include\pg_config.h ..\..\include\pg_config_ext.h pg_config_paths.h ..\..\include\pg_config_os.h - -..\..\include\pg_config.h: ..\..\include\pg_config.h.win32 - copy ..\..\include\pg_config.h.win32 ..\..\include\pg_config.h - -..\..\include\pg_config_ext.h: ..\..\include\pg_config_ext.h.win32 - copy ..\..\include\pg_config_ext.h.win32 ..\..\include\pg_config_ext.h - -..\..\include\pg_config_os.h: - copy ..\..\include\port\win32.h ..\..\include\pg_config_os.h - -pg_config_paths.h: win32.mak - echo #define SYSCONFDIR "" > pg_config_paths.h - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP_PROJ=/nologo /W3 /EHsc $(OPT) /I "..\..\include" /I "..\..\include\port\win32" /I "..\..\include\port\win32_msvc" /I "..\..\port" /I. /I "$(SSL_INC)" \ - /D "FRONTEND" $(DEBUGDEF) \ - /D "WIN32" /D "_WINDOWS" /Fp"$(INTDIR)\libpq.pch" \ - /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c \ - /D "_CRT_SECURE_NO_DEPRECATE" $(ADD_DEFINES) - -!IFDEF USE_OPENSSL -CPP_PROJ=$(CPP_PROJ) /D USE_OPENSSL -SSL_LIBS=ssleay32.lib libeay32.lib gdi32.lib -!ENDIF - -!IFDEF USE_KFW -CPP_PROJ=$(CPP_PROJ) /D KRB5 -KFW_LIBS=krb5_32.lib comerr32.lib gssapi32.lib -!ENDIF - -!IFDEF ENABLE_THREAD_SAFETY -CPP_PROJ=$(CPP_PROJ) /D ENABLE_THREAD_SAFETY -!ENDIF - -CPP_SBRS=. - -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\libpq.res" - -LINK32=link.exe -LINK32_FLAGS=kernel32.lib user32.lib advapi32.lib shell32.lib ws2_32.lib secur32.lib $(SSL_LIBS) $(KFW_LIB) $(ADD_SECLIB) \ - /nologo /subsystem:windows /dll $(LOPT) /incremental:no \ - /pdb:"$(OUTDIR)\libpqdll.pdb" /machine:$(CPU) \ - /out:"$(OUTDIR)\$(OUTFILENAME).dll"\ - /implib:"$(OUTDIR)\$(OUTFILENAME)dll.lib" \ - /libpath:"$(SSL_LIB_PATH)" /libpath:"$(KFW_LIB_PATH)" \ - /def:$(OUTFILENAME)dll.def -LINK32_OBJS= \ - "$(OUTDIR)\$(OUTFILENAME).lib" \ - "$(OUTDIR)\libpq.res" - -# @<< is a Response file, http://www.opussoftware.com/tutorial/TutMakefile.htm - -"$(OUTDIR)\$(OUTFILENAME).lib" : "$(OUTDIR)" $(DEF_FILE) $(LIB32_OBJS) - $(LIB32) @<< - $(LIB32_FLAGS) $(DEF_FLAGS) $(LIB32_OBJS) -<< - -"$(INTDIR)\libpq.res" : "$(INTDIR)" libpq-dist.rc - $(RSC) $(RSC_PROJ) libpq-dist.rc - - -"$(OUTDIR)\$(OUTFILENAME).dll" : "$(OUTDIR)" "$(INTDIR)\libpq.res" - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< -# Inclusion of manifest -!IF "$(_NMAKE_VER)" != "6.00.8168.0" && "$(_NMAKE_VER)" != "7.00.9466" -!IF "$(_NMAKE_VER)" != "6.00.9782.0" && "$(_NMAKE_VER)" != "7.10.3077" - mt -manifest $(OUTDIR)\$(OUTFILENAME).dll.manifest -outputresource:$(OUTDIR)\$(OUTFILENAME).dll;2 -!ENDIF -!ENDIF - -"$(INTDIR)\getaddrinfo.obj" : ..\..\port\getaddrinfo.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\getaddrinfo.c -<< - -"$(INTDIR)\pgstrcasecmp.obj" : ..\..\port\pgstrcasecmp.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\pgstrcasecmp.c -<< - -"$(INTDIR)\pqsignal.obj" : ..\..\port\pqsignal.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\pqsignal.c -<< - -"$(INTDIR)\thread.obj" : ..\..\port\thread.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\thread.c -<< - -"$(INTDIR)\inet_aton.obj" : ..\..\port\inet_aton.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\inet_aton.c -<< - -"$(INTDIR)\crypt.obj" : ..\..\port\crypt.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\crypt.c -<< - -"$(INTDIR)\noblock.obj" : ..\..\port\noblock.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\noblock.c -<< - -"$(INTDIR)\chklocale.obj" : ..\..\port\chklocale.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\chklocale.c -<< - -"$(INTDIR)\inet_net_ntop.obj" : ..\..\port\inet_net_ntop.c - $(CPP) @<< - $(CPP_PROJ) ..\..\port\inet_net_ntop.c -<< - -"$(INTDIR)\md5.obj" : ..\..\backend\libpq\md5.c - $(CPP) @<< - $(CPP_PROJ) ..\..\backend\libpq\md5.c -<< - -"$(INTDIR)\ip.obj" : ..\..\backend\libpq\ip.c - $(CPP) @<< - $(CPP_PROJ) ..\..\backend\libpq\ip.c -<< - -"$(INTDIR)\wchar.obj" : ..\..\backend\utils\mb\wchar.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\backend\utils\mb\wchar.c -<< - - -"$(INTDIR)\encnames.obj" : ..\..\backend\utils\mb\encnames.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\backend\utils\mb\encnames.c -<< - -"$(INTDIR)\snprintf.obj" : ..\..\port\snprintf.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\snprintf.c -<< - -"$(INTDIR)\strlcpy.obj" : ..\..\port\strlcpy.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\strlcpy.c -<< - -"$(INTDIR)\dirent.obj" : ..\..\port\dirent.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\dirent.c -<< - -"$(INTDIR)\dirmod.obj" : ..\..\port\dirmod.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\dirmod.c -<< - -"$(INTDIR)\pgsleep.obj" : ..\..\port\pgsleep.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\pgsleep.c -<< - -"$(INTDIR)\open.obj" : ..\..\port\open.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\open.c -<< - -"$(INTDIR)\system.obj" : ..\..\port\system.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\system.c -<< - -"$(INTDIR)\win32error.obj" : ..\..\port\win32error.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\win32error.c -<< - -"$(INTDIR)\win32setlocale.obj" : ..\..\port\win32setlocale.c - $(CPP) @<< - $(CPP_PROJ) /I"." ..\..\port\win32setlocale.c -<< - -.c{$(CPP_OBJS)}.obj: - $(CPP) $(CPP_PROJ) $< - -.c.obj: - $(CPP) $(CPP_PROJ) $< |