Joe Conway <mail@joeconway.com> writes:
> Here's a much simpler SQL/MED support patch for dblink.
> This enforces security in the same manner for FOREIGN SERVER connections
> as that worked out over time for other dblink connections. Essentially,
> the FOREIGN SERVER and associated user MAPPING provides the needed info
> for the libpq connection, but otherwise behavior is the same.
> I've also attached a doc patch.
The docs patch looks okay, except this comment is a bit hazy:
> + -- Note: local connection must require authentication for this to work properly
I think what it means is
> + -- Note: local connection must require password authentication for this to work properly
If not, please clarify some other way. It might also be good to be a
bit more clear about what "fail to work properly" might entail.
As far as the code goes, hopefully Peter will take a look since he's
spent more time on the SQL/MED code than I have. The only thing I can
see that looks bogus is that get_connect_string() is failing to handle
any quoting/escaping that might be needed for the values to be inserted
into the connection string. I don't recall offhand what rules libpq
has for that, but I hope it at least implements doubled single quotes...
regards, tom lane