-- ===================================================================

-- tests for validator

-- ===================================================================

-- requiressl, krbsrvnameandgsslibare omitted because they depend on

-- configure options

-- requiresslandsome other parametersare omitted because

--valid values for them depend onconfigure options

ALTER SERVER testserver1 OPTIONS (

use_remote_estimate 'false',

updatable 'true',

sslcert 'value',

sslkey 'value',

sslrootcert 'value',

sslcrl 'value'

sslcrl 'value',

--requirepeer 'value',

--krbsrvname 'value',

--gsslib 'value',

krbsrvname 'value',

gsslib 'value'

--replication 'value'

);

-- Error, invalid list syntax

END;

$d$;

ERROR: invalid option "password"

HINT: Valid options in this context are: service, passfile, channel_binding, connect_timeout, dbname, host, hostaddr, port, options, application_name, keepalives, keepalives_idle, keepalives_interval, keepalives_count, tcp_user_timeout, sslmode, sslcompression, sslcert, sslkey, sslrootcert, sslcrl, requirepeer, gssencmode, krbsrvname, target_session_attrs, use_remote_estimate, fdw_startup_cost, fdw_tuple_cost, extensions, updatable, fetch_size

HINT: Valid options in this context are: service, passfile, channel_binding, connect_timeout, dbname, host, hostaddr, port, options, application_name, keepalives, keepalives_idle, keepalives_interval, keepalives_count, tcp_user_timeout, sslmode, sslcompression, sslcert, sslkey, sslrootcert, sslcrl, requirepeer, gssencmode, krbsrvname,gsslib,target_session_attrs, use_remote_estimate, fdw_startup_cost, fdw_tuple_cost, extensions, updatable, fetch_size

CONTEXT: SQL statement "ALTER SERVER loopback_nopw OPTIONS (ADD password 'dummypw')"

PL/pgSQL function inline_code_block line 3 at EXECUTE

-- If we add a password for our user mapping instead, we should get a different

ALTER SERVER testserver1 OPTIONS (

use_remote_estimate'false',

updatable'true',

sslcert'value',

sslkey'value',

sslrootcert'value',

sslcrl'value'

sslcrl'value',

krbsrvname'value',

gsslib'value'

);

<term><literal>gsslib</literal></term>

<listitem>

<para>

GSS library to use for GSSAPI authentication. Only used on Windows.

Set to <literal>gssapi</literal> to force libpq to use the GSSAPI

GSS library to use for GSSAPI authentication.

Currently this is disregarded except on Windows builds that include

both GSSAPI and SSPI support. In that case, set

this to <literal>gssapi</literal> to cause libpq to use the GSSAPI

library for authentication instead of the default SSPI.

</para>

</listitem>

"SSL-Client-Key","",64,

offsetof(structpg_conn,sslkey)},

{"sslpassword",NULL,NULL,NULL,

"SSL-Client-Key-Password","*",20,

offsetof(structpg_conn,sslpassword)},

{"sslrootcert","PGSSLROOTCERT",NULL,NULL,

"SSL-Root-Certificate","",64,

offsetof(structpg_conn,sslrootcert)},

offsetof(structpg_conn,requirepeer)},

{"gssencmode","PGGSSENCMODE",DefaultGSSMode,NULL,

"GSSENC-Mode","",7,/* sizeof("disable") == 7 */

offsetof(structpg_conn,gssencmode)},

#if defined(ENABLE_GSS)||defined(ENABLE_SSPI)

{"krbsrvname","PGKRBSRVNAME",PG_KRB_SRVNAM,NULL,

"Kerberos-service-name","",20,

offsetof(structpg_conn,krbsrvname)},

#if defined(ENABLE_GSS)&&defined(ENABLE_SSPI)

{"gsslib","PGGSSLIB",NULL,NULL,

"GSS-library","",7,/* sizeof("gssapi") = 7 */

offsetof(structpg_conn,gsslib)},

{"replication",NULL,NULL,NULL,

"Replication","D",5,

"Target-Session-Attrs","",11,/* sizeof("read-write") = 11 */

offsetof(structpg_conn,target_session_attrs)},

{"sslpassword",NULL,NULL,NULL,

"SSL-Client-Key-Password","*",20,

offsetof(structpg_conn,sslpassword)},

{NULL,NULL,NULL,NULL,

NULL,NULL,0}

free(conn->sslcert);

if (conn->sslkey)

free(conn->sslkey);

if (conn->sslpassword)

free(conn->sslpassword);

if (conn->sslrootcert)

free(conn->sslrootcert);

if (conn->sslcrl)

free(conn->sslcompression);

if (conn->requirepeer)

free(conn->requirepeer);

if (conn->connip)

free(conn->connip);

if (conn->gssencmode)

free(conn->gssencmode);

#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)

if (conn->krbsrvname)

free(conn->krbsrvname);

if (conn->gsslib)

free(conn->gsslib);

if (conn->connip)

free(conn->connip);

if (conn->gcred!=GSS_C_NO_CREDENTIAL)

{

gss_delete_sec_context(&minor,&conn->gctx,GSS_C_NO_BUFFER);

conn->gctx=NULL;

}

#if defined(ENABLE_GSS)&& defined(ENABLE_SSPI)

if (conn->gsslib)

free(conn->gsslib);

if (conn->last_query)

free(conn->target_session_attrs);

termPQExpBuffer(&conn->errorMessage);

termPQExpBuffer(&conn->workBuffer);

if (conn->sslpassword)

free(conn->sslpassword);

free(conn);

char*sslcompression;/* SSL compression (0 or 1) */

char*sslkey;/* client key filename */

char*sslcert;/* client certificate filename */

char*sslpassword;/* client key file password */

char*sslrootcert;/* root certificate filename */

char*sslcrl;/* certificate revocation list filename */

char*requirepeer;/* required peer credentials for local sockets */

#if defined(ENABLE_GSS)|| defined(ENABLE_SSPI)

char*gssencmode;/* GSS mode (require,prefer,disable) */

char*krbsrvname;/* Kerberos service name */

char*gsslib;/* What GSS library to use ("gssapi" or

char*target_session_attrs;

char*gssencmode;/* GSS mode (require,prefer,disable) */

gss_ctx_id_tgctx;/* GSS context */

gss_name_tgtarg_nam;/* GSS target name */

char*gsslib;/* What GSS library to use ("gssapi" or

CredHandle*sspicred;/* SSPI credentials handle */

CtxtHandle*sspictx;/* SSPI context */

char*sspitarget;/* SSPI target name */

PQExpBufferDataworkBuffer;/* expansible string */

char*sslpassword;/* client key file password */

};