Adjust lookup of client-side profile files (.pgpass and so on) as per

discussion on pgsql-hackers-win32 list.  Documentation still needs to
be tweaked --- I'm not sure how to refer to the APPDATA folder in
user documentation.

6 files changed, 78 insertions, 67 deletions

diff --git a/src/backend/libpq/README.SSL b/src/backend/libpq/README.SSL
index 9d9adcb7fb8..9b00a4f0fff 100644
--- a/src/backend/libpq/README.SSL
+++ b/src/backend/libpq/README.SSL
@@ -177,7 +177,7 @@ user should be set up on the database server.  It is acceptable
 for the shell program to be bogus (e.g., /bin/false), if the
 tunnel is set up in to avoid launching a remote shell.
 
-On each client system the $HOME/.ssh/config file should contain
+On each client system the ~/.ssh/config file should contain
 an additional line similiar to
 
  LocalForward 5555 psql.example.com:5432
@@ -192,7 +192,7 @@ that establishes an SSH tunnel when the program is launched:
 
   #!/bin/sh
   HOST=psql.example.com
-  IDENTITY=$HOME/.ssh/identity.psql
+  IDENTITY=~/.ssh/identity.psql
   /usr/bin/ssh -1 -i $IDENTITY -n $HOST 'sleep 60' & \
 	/usr/bin/psql -h $HOST -p 5555 $1
 
@@ -335,12 +335,12 @@ PostgreSQL can generate client certificates via a four-step process.
 
    The client.conf file is normally installed in /etc/postgresql/root.crt.
    The client should also copy the server's root.crt file to
-   $HOME/.postgresql/root.crt.
+   ~/.postgresql/root.crt.
 
 2. If the user has the OpenSSL applications installed, they can
    run pgkeygen.sh.  (An equivalent compiled program will be available
    in the future.)  They should provide a copy of the
-   $HOME/.postgresql/postgresql.pem file to their DBA.
+   ~/.postgresql/postgresql.pem file to their DBA.
 
 3. The DBA should sign this file the OpenSSL applications:
 
@@ -348,7 +348,7 @@ PostgreSQL can generate client certificates via a four-step process.
 
    and return the signed cert (postgresql.crt) to the user.
 
-4. The user should install this file in $HOME/.postgresql/postgresql.crt.
+4. The user should install this file in ~/.postgresql/postgresql.crt.
 
 The server will log every time a client certificate has been
 used, but there is not yet a mechanism provided for using client
@@ -429,7 +429,7 @@ until later.
 > for the shell program to be bogus (e.g., /bin/false), if the
 > tunnel is set up in to avoid launching a remote shell.
 > 
-> On each client system the $HOME/.ssh/config file should contain
+> On each client system the ~/.ssh/config file should contain
 > an additional line similiar to
 > 
 >  LocalForward 5555 psql.example.com:5432
diff --git a/src/bin/psql/input.c b/src/bin/psql/input.c
index b216e98843f..e75c86f7f8c 100644
--- a/src/bin/psql/input.c
+++ b/src/bin/psql/input.c
@@ -3,18 +3,22 @@
  *
  * Copyright (c) 2000-2005, PostgreSQL Global Development Group
  *
- * $PostgreSQL: pgsql/src/bin/psql/input.c,v 1.42 2005/01/01 05:43:08 momjian Exp $
+ * $PostgreSQL: pgsql/src/bin/psql/input.c,v 1.43 2005/01/06 18:29:09 tgl Exp $
  */
 #include "postgres_fe.h"
-#include "input.h"
-
-#include <errno.h>
 
+#include "input.h"
 #include "pqexpbuffer.h"
 #include "settings.h"
 #include "tab-complete.h"
 #include "common.h"
 
+#ifndef WIN32
+#define PSQLHISTORY ".psql_history"
+#else
+#define PSQLHISTORY "psql_history"
+#endif
+
 /* Runtime options for turning off readline and history */
 /* (of course there is no runtime command for doing that :) */
 #ifdef USE_READLINE
@@ -32,14 +36,11 @@ enum histcontrol
 
 #ifdef HAVE_ATEXIT
 static void finishInput(void);
-
 #else
 /* designed for use with on_exit() */
 static void finishInput(int, void *);
 #endif
 
-#define PSQLHISTORY ".psql_history"
-
 
 #ifdef USE_READLINE
 static enum histcontrol
@@ -235,14 +236,12 @@ finishInput(int exitstatus, void *arg)
 			char	   *psql_history;
 			int			hist_size;
 
-			psql_history = pg_malloc(strlen(home) + 1 +
-									 strlen(PSQLHISTORY) + 1);
-
 			hist_size = GetVariableNum(pset.vars, "HISTSIZE", -1, -1, true);
-
 			if (hist_size >= 0)
 				stifle_history(hist_size);
 
+			psql_history = pg_malloc(strlen(home) + 1 +
+									 strlen(PSQLHISTORY) + 1);
 			sprintf(psql_history, "%s/%s", home, PSQLHISTORY);
 			write_history(psql_history);
 			free(psql_history);
diff --git a/src/bin/psql/startup.c b/src/bin/psql/startup.c
index e9ea17dc894..b8f6ca5f562 100644
--- a/src/bin/psql/startup.c
+++ b/src/bin/psql/startup.c
@@ -3,7 +3,7 @@
  *
  * Copyright (c) 2000-2005, PostgreSQL Global Development Group
  *
- * $PostgreSQL: pgsql/src/bin/psql/startup.c,v 1.108 2005/01/01 05:43:08 momjian Exp $
+ * $PostgreSQL: pgsql/src/bin/psql/startup.c,v 1.109 2005/01/06 18:29:09 tgl Exp $
  */
 #include "postgres_fe.h"
 
@@ -43,8 +43,13 @@ int			optreset;
  */
 PsqlSettings pset;
 
+#ifndef WIN32
 #define SYSPSQLRC	"psqlrc"
 #define PSQLRC		".psqlrc"
+#else
+#define SYSPSQLRC	"psqlrc"
+#define PSQLRC		"psqlrc.txt"
+#endif
 
 /*
  * Structures to pass information between the option parsing routine
@@ -568,24 +573,21 @@ parse_psql_options(int argc, char *argv[], struct adhoc_opts * options)
 static void
 process_psqlrc(char *argv0)
 {
-	char	   *psqlrc;
 	char		home[MAXPGPATH];
-	char		global_file[MAXPGPATH];
+	char		rc_file[MAXPGPATH];
 	char		my_exec_path[MAXPGPATH];
 	char		etc_path[MAXPGPATH];
 
 	find_my_exec(argv0, my_exec_path);
 	get_etc_path(my_exec_path, etc_path);
 
-	snprintf(global_file, MAXPGPATH, "%s/%s", etc_path, SYSPSQLRC);
-	process_psqlrc_file(global_file);
+	snprintf(rc_file, MAXPGPATH, "%s/%s", etc_path, SYSPSQLRC);
+	process_psqlrc_file(rc_file);
 
 	if (get_home_path(home))
 	{
-		psqlrc = pg_malloc(strlen(home) + 1 + strlen(PSQLRC) + 1);
-		sprintf(psqlrc, "%s/%s", home, PSQLRC);
-		process_psqlrc_file(psqlrc);
-		free(psqlrc);
+		snprintf(rc_file, MAXPGPATH, "%s/%s", home, PSQLRC);
+		process_psqlrc_file(rc_file);
 	}
 }
 
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 9f7bd09ce4a..908c39c2567 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.296 2005/01/06 00:59:47 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-connect.c,v 1.297 2005/01/06 18:29:10 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -35,6 +35,7 @@
 
 #ifdef WIN32
 #include "win32.h"
+#include <shlobj.h>
 #else
 #include <sys/socket.h>
 #include <netdb.h>
@@ -57,7 +58,11 @@
 #endif
 
 
+#ifndef WIN32
 #define PGPASSFILE ".pgpass"
+#else
+#define PGPASSFILE "pgpass.txt"
+#endif
 
 /* fall back options if they are not specified by arguments or defined
    by environment variables */
@@ -3175,6 +3180,7 @@ static char *
 PasswordFromFile(char *hostname, char *port, char *dbname, char *username)
 {
 	FILE	   *fp;
+	char		homedir[MAXPGPATH];
 	char		pgpassfile[MAXPGPATH];
 	struct stat stat_buf;
 
@@ -3193,12 +3199,10 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username)
 	if (port == NULL)
 		port = DEF_PGPORT_STR;
 
-	if (!pqGetHomeDirectory(pgpassfile, sizeof(pgpassfile)))
+	if (!pqGetHomeDirectory(homedir, sizeof(homedir)))
 		return NULL;
 
-	snprintf(pgpassfile + strlen(pgpassfile),
-			 sizeof(pgpassfile) - strlen(pgpassfile),
-			 "/%s", PGPASSFILE);
+	snprintf(pgpassfile, sizeof(pgpassfile), "%s/%s", homedir, PGPASSFILE);
 
 	/* If password file cannot be opened, ignore it. */
 	if (stat(pgpassfile, &stat_buf) == -1)
@@ -3254,6 +3258,9 @@ PasswordFromFile(char *hostname, char *port, char *dbname, char *username)
 /*
  * Obtain user's home directory, return in given buffer
  *
+ * On Unix, this actually returns the user's home directory.  On Windows
+ * it returns the PostgreSQL-specific application data folder.
+ *
  * This is essentially the same as get_home_path(), but we don't use that
  * because we don't want to pull path.c into libpq (it pollutes application
  * namespace)
@@ -3272,16 +3279,12 @@ pqGetHomeDirectory(char *buf, int bufsize)
 	return true;
 
 #else
+	char		tmppath[MAX_PATH];
 
-	/* TEMPORARY PLACEHOLDER IMPLEMENTATION */
-	const char *homedir;
-
-	homedir = getenv("USERPROFILE");
-	if (homedir == NULL)
-		homedir = getenv("HOME");
-	if (homedir == NULL)
+	ZeroMemory(tmppath, sizeof(tmppath));
+	if (!SHGetSpecialFolderPath(NULL, tmppath, CSIDL_APPDATA, FALSE))
 		return false;
-	StrNCpy(buf, homedir, bufsize);
+	snprintf(buf, bufsize, "%s/postgresql", tmppath);
 	return true;
 #endif
 }
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c
index a87d7221e24..382c1d9b560 100644
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.63 2005/01/06 00:59:47 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.64 2005/01/06 18:29:10 tgl Exp $
  *
  * NOTES
  *	  [ Most of these notes are wrong/obsolete, but perhaps not all ]
@@ -26,7 +26,7 @@
  *	  "man-in-the-middle" and "impersonation" attacks.	The
  *	  server certificate, or better yet the CA certificate used
  *	  to sign the server certificate, should be present in the
- *	  "$HOME/.postgresql/root.crt" file.  If this file isn't
+ *	  "~/.postgresql/root.crt" file.  If this file isn't
  *	  readable, or the server certificate can't be validated,
  *	  pqsecure_open_client() will return an error code.
  *
@@ -50,7 +50,7 @@
  *	  ...
  *
  *	  Unlike the server's static private key, the client's
- *	  static private key ($HOME/.postgresql/postgresql.key)
+ *	  static private key (~/.postgresql/postgresql.key)
  *	  should normally be stored encrypted.	However we still
  *	  support EPH since it's useful for other reasons.
  *
@@ -63,9 +63,9 @@
  *	  keeping it closed to everyone else.
  *
  *	  The user's certificate and private key are located in
- *		$HOME/.postgresql/postgresql.crt
+ *		~/.postgresql/postgresql.crt
  *	  and
- *		$HOME/.postgresql/postgresql.key
+ *		~/.postgresql/postgresql.key
  *	  respectively.
  *
  *	  ...
@@ -74,10 +74,6 @@
  *	  info_cb() in be-secure.c), since there's mechanism to
  *	  display that information to the client.
  *
- * OS DEPENDENCIES
- *	  The code currently assumes a POSIX password entry.  How should
- *	  Windows and Mac users be handled?
- *
  *-------------------------------------------------------------------------
  */
 
@@ -124,11 +120,24 @@
 
 
 #ifdef USE_SSL
-static int	verify_cb(int ok, X509_STORE_CTX *ctx);
+
+#ifndef WIN32
+#define USERCERTFILE	".postgresql/postgresql.crt"
+#define USERKEYFILE		".postgresql/postgresql.key"
+#define ROOTCERTFILE	".postgresql/root.crt"
+#define DHFILEPATTERN	"%s/.postgresql/dh%d.pem"
+#else
+/* On Windows, the "home" directory is already PostgreSQL-specific */
+#define USERCERTFILE	"postgresql.crt"
+#define USERKEYFILE		"postgresql.key"
+#define ROOTCERTFILE	"root.crt"
+#define DHFILEPATTERN	"%s/dh%d.pem"
+#endif
 
 #ifdef NOT_USED
 static int	verify_peer(PGconn *);
 #endif
+static int	verify_cb(int ok, X509_STORE_CTX *ctx);
 static DH  *load_dh_file(int keylength);
 static DH  *load_dh_buffer(const char *, size_t);
 static DH  *tmp_dh_cb(SSL *s, int is_export, int keylength);
@@ -158,7 +167,7 @@ static SSL_CTX *SSL_context = NULL;
  *	sessions even if the static private key is compromised,
  *	so we are *highly* motivated to ensure that we can use
  *	EDH even if the user... or an attacker... deletes the
- *	$HOME/.postgresql/dh*.pem files.
+ *	~/.postgresql/dh*.pem files.
  *
  *	It's not critical that users have EPH keys, but it doesn't
  *	hurt and if it's missing someone will demand it, so....
@@ -631,8 +640,7 @@ load_dh_file(int keylength)
 		return NULL;
 
 	/* attempt to open file.  It's not an error if it doesn't exist. */
-	snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/dh%d.pem",
-			 homedir, keylength);
+	snprintf(fnbuf, sizeof(fnbuf), DHFILEPATTERN, homedir, keylength);
 
 	if ((fp = fopen(fnbuf, "r")) == NULL)
 		return NULL;
@@ -779,8 +787,7 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
 	}
 
 	/* read the user certificate */
-	snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/postgresql.crt",
-			 homedir);
+	snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USERCERTFILE);
 	if ((fp = fopen(fnbuf, "r")) == NULL)
 	{
 		printfPQExpBuffer(&conn->errorMessage,
@@ -802,8 +809,7 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
 	fclose(fp);
 
 	/* read the user key */
-	snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/postgresql.key",
-			 homedir);
+	snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USERKEYFILE);
 	if (stat(fnbuf, &buf) == -1)
 	{
 		printfPQExpBuffer(&conn->errorMessage,
@@ -966,7 +972,7 @@ initialize_SSL(PGconn *conn)
 	/* Set up to verify server cert, if root.crt is present */
 	if (pqGetHomeDirectory(homedir, sizeof(homedir)))
 	{
-		snprintf(fnbuf, sizeof(fnbuf), "%s/.postgresql/root.crt", homedir);
+		snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, ROOTCERTFILE);
 		if (stat(fnbuf, &buf) == 0)
 		{
 			if (!SSL_CTX_load_verify_locations(SSL_context, fnbuf, NULL))
diff --git a/src/port/path.c b/src/port/path.c
index 204c782ff12..2620f392635 100644
--- a/src/port/path.c
+++ b/src/port/path.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/port/path.c,v 1.47 2005/01/06 01:00:12 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/port/path.c,v 1.48 2005/01/06 18:29:11 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -17,7 +17,9 @@
 
 #include <ctype.h>
 #include <sys/stat.h>
-#ifndef WIN32
+#ifdef WIN32
+#include <shlobj.h>
+#else
 #include <unistd.h>
 #endif
 
@@ -445,6 +447,9 @@ get_locale_path(const char *my_exec_path, char *ret_path)
 
 /*
  *	get_home_path
+ *
+ * On Unix, this actually returns the user's home directory.  On Windows
+ * it returns the PostgreSQL-specific application data folder.
  */
 bool
 get_home_path(char *ret_path)
@@ -460,16 +465,12 @@ get_home_path(char *ret_path)
 	return true;
 
 #else
+	char		tmppath[MAX_PATH];
 
-	/* TEMPORARY PLACEHOLDER IMPLEMENTATION */
-	const char *homedir;
-
-	homedir = getenv("USERPROFILE");
-	if (homedir == NULL)
-		homedir = getenv("HOME");
-	if (homedir == NULL)
+	ZeroMemory(tmppath, sizeof(tmppath));
+	if (!SHGetSpecialFolderPath(NULL, tmppath, CSIDL_APPDATA, FALSE))
 		return false;
-	StrNCpy(ret_path, homedir, MAXPGPATH);
+	snprintf(ret_path, MAXPGPATH, "%s/postgresql", tmppath);
 	return true;
 #endif
 }