<!--

$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.106 2003/01/19 00:13:28 momjian Exp $

$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.107 2003/01/30 19:49:54 tgl Exp $

-->

<chapter id="libpq">

<term><literal>requiressl</literal></term>

<listitem>

<para>

Set to 1 to require SSL connection to the backend. <application>Libpq</>

will then refuse to connect if the server does not support

SSL. Set to 0 (default) to negotiate with server.

Set to 1 to require <acronym>SSL</acronym> connection to the server.

<application>Libpq</> will then refuse to connect if the server does not

accept an <acronym>SSL</acronym> connection.

Set to 0 (default) to negotiate with server.

This option is only available if

<productname>PostgreSQL</> is compiled with SSL support.

</para>

</listitem>

</varlistentry>

<para>

The following environment variables can be used to select default

connection parameter values, which will be used by <function>PQconnectdb</function> or

<function>PQsetdbLogin</function> if no value is directly specified by the calling code.

These are useful to avoid hard-coding database names into simple

application programs.

connection parameter values, which will be used by

<function>PQconnectdb</>, <function>PQsetdbLogin</> and

<function>PQsetdb</> if no value is directly specified by the calling

code. These are useful to avoid hard-coding database connection

information into simple client applications.

<itemizedlist>

<listitem>

messages from the backend server are displayed.

</para>

</listitem>

<listitem>

<para>

<envar>PGREQUIRESSL</envar> sets whether or not the connection must be

made over <acronym>SSL</acronym>. If set to

<quote>1</quote>, <application>libpq</>

will refuse to connect if the server does not accept

an <acronym>SSL</acronym> connection.

This option is only available if

<productname>PostgreSQL</> is compiled with SSL support.

</para>

</listitem>

<listitem>

<para>

<envar>PGCONNECT_TIMEOUT</envar> sets the maximum number of seconds

that <application>libpq</application> will wait when attempting to

connect to the <productname>PostgreSQL</productname> server. This

option should be set to at least 2 seconds.

</para>

</listitem>

</itemizedlist>

</para>

<synopsis>

<replaceable>hostname</replaceable>:<replaceable>port</replaceable>:<replaceable>database</replaceable>:<replaceable>username</replaceable>:<replaceable>password</replaceable>

</synopsis>

Any of these may be a literal name, or <literal>*</literal>, which matches

anything. The firstmatchwill be used so put morespecific entries first.

Entries with <literal>:</literal> or<literal>\</literal>should be escaped

with <literal>\</literal>.

Any of these may be a literal name, or <literal>*</literal>, which

matchesanything. The firstmatching entrywill be used, so put more-specific

entries first. When an entry contains<literal>:</literal>or

<literal>\</literal>, it must be escapedwith <literal>\</literal>.

</para>

<para>

The permissions on <filename>.pgpass</filename> must disallow any

"Database-Password","*",20},

{"connect_timeout","PGCONNECT_TIMEOUT",NULL,NULL,

"Connect-timeout","",10},/* strlen(INT32_MAX) == 10 */

"Connect-timeout","",10},/* strlen(INT32_MAX) == 10 */

{"dbname","PGDATABASE",NULL,NULL,

"Database-Name","",20},

tmp=conninfo_getval(connOptions,"password");

conn->pgpass=tmp ?strdup(tmp) :NULL;

if (conn->pgpass==NULL||conn->pgpass[0]=='\0')

{

if (conn->pgpass)

free(conn->pgpass);

conn->pgpass=PasswordFromFile(conn->pghost,conn->pgport,

conn->dbName,conn->pguser);

conn->dbName,conn->pguser);

if (conn->pgpass==NULL)

conn->pgpass=strdup(DefaultPassword);

}

tmp=conninfo_getval(connOptions,"connect_timeout");

conn->connect_timeout=tmp ?strdup(tmp) :NULL;

conn->dbName=strdup(dbName);

if (pwd)

conn->pgpass=strdup(pwd);

elseif ((tmp=getenv("PGPASSWORD"))!=NULL)

conn->pgpass=strdup(tmp);

elseif ((tmp=PasswordFromFile(conn->pghost,conn->pgport,

conn->dbName,conn->pguser))!=NULL)

conn->pgpass=tmp;

conn->pgpass=strdup(DefaultPassword);

returnNULL;

}

PasswordFromFile(char*hostname,char*port,char*dbname,char*username)

{

home=getenv("HOME");

if (home)

if (!home)

returnNULL;

pgpassfile=malloc(strlen(home)+1+strlen(PGPASSFILE)+1);

if (!pgpassfile)

{

pgpassfile=malloc(strlen(home)+1+strlen(PGPASSFILE)+1);

if (!pgpassfile)

{

fprintf(stderr,libpq_gettext("out of memory\n"));

returnNULL;

}

}

fprintf(stderr,libpq_gettext("out of memory\n"));

returnNULL;

}

sprintf(pgpassfile,"%s/%s",home,PGPASSFILE);

{

char*t=buf,

*ret;

intlen;

fgets(buf,LINELEN-1,fp);

if (strlen(buf)==0)

len=strlen(buf);

if (len==0)

continue;

buf[strlen(buf)-1]=0;

if (buf[len-1]=='\n')

buf[len-1]=0;

if ((t=pwdfMatchesString(t,hostname))==NULL||

(t=pwdfMatchesString(t,port))==NULL||

(t=pwdfMatchesString(t,dbname))==NULL||