package/package.json000644 001750 001750 0000002011 13110271633013006 0ustar00000000 000000 { "name": "pgpass", "version": "1.0.2", "description": "Module for reading .pgpass", "main": "lib/index", "scripts": { "pretest": "chmod 600 ./test/_pgpass", "test": "npm run hint && mocha --recursive -R list && npm run coverage", "coverage": "rm -rf -- lib-cov ; jscoverage lib lib-cov && mocha --recursive -R html-cov > coverage.html", "hint": "jshint --verbose lib test" }, "author": "Hannes Hörl ", "license": "MIT", "dependencies": { "split": "^1.0.0" }, "devDependencies": { "jscoverage": "^0.6.0", "jshint": "^2.9.2", "mocha": "^2.5.3", "pg": "^4.5.6", "pg-escape": "^0.2.0", "pg-native": "^1.10.0", "resumer": "0.0.0", "tmp": "0.0.28", "which": "^1.2.10" }, "keywords": [ "postgres", "pg", "pgpass", "password", "postgresql" ], "bugs": "https://github.com/hoegaarden/pgpass/issues", "repository": { "type": "git", "url": "https://github.com/hoegaarden/pgpass.git" } } package/.npmignore000644 001750 001750 0000000123 13110264704012522 0ustar00000000 000000 node_modules/ *~ #* lib-cov/ coverage.* npm-debug.log .jshintrc .travis.yml test/ package/README.md000644 001750 001750 0000006244 13110263363012014 0ustar00000000 000000 # pgpass [![Build Status](https://travis-ci.org/hoegaarden/pgpass.png?branch=master)](https://travis-ci.org/hoegaarden/pgpass) ## Install ```sh npm install pgpass ``` ## Usage ```js var pgPass = require('pgpass'); var connInfo = { 'host' : 'pgserver' , 'user' : 'the_user_name' , }; pgPass(connInfo, function(pass){ conn_info.password = pass; // connect to postgresql server }); ``` ## Description This module tries to read the `~/.pgpass` file (or the equivalent for windows systems). If the environment variable `PGPASSFILE` is set, this file is used instead. If everything goes right, the password from said file is passed to the callback; if the password cannot be read `undefined` is passed to the callback. Cases where `undefined` is returned: - the environment variable `PGPASSWORD` is set - the file cannot be read (wrong permissions, no such file, ...) - for non windows systems: the file is write-/readable by the group or by other users - there is no matching line for the given connection info There should be no need to use this module directly; it is already included in `node-postgresq`. ## Configuration The module reads the environment variable `PGPASS_NO_DEESCAPE` to decide if the the read tokens from the password file should be de-escaped or not. Default is to do de-escaping. For further information on this see [this commit](https://github.com/postgres/postgres/commit/8d15e3ec4fcb735875a8a70a09ec0c62153c3329). ## Tests There are tests in `./test/`; including linting and coverage testing. Running `npm test` runs: - `jshint` - `mocha` tests - `jscoverage` and `mocha -R html-cov` You can see the coverage report in `coverage.html`. ## Development, Patches, Bugs, ... If you find Bugs or have improvments, please feel free to open a issue on github. If you provide a pull request, I'm more than happy to merge them, just make sure to add tests for your changes. ## Links - https://github.com/hoegaarden/node-pgpass - http://www.postgresql.org/docs/current/static/libpq-pgpass.html - https://wiki.postgresql.org/wiki/Pgpass - https://github.com/postgres/postgres/blob/master/src/interfaces/libpq/fe-connect.c ## License Copyright (c) 2013-2016 Hannes Hörl Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.package/lib/helper.js000644 001750 001750 0000012531 13110263363013114 0ustar00000000 000000 'use strict'; var path = require('path') , Stream = require('stream').Stream , Split = require('split') , util = require('util') , defaultPort = 5432 , isWin = (process.platform === 'win32') , warnStream = process.stderr ; var S_IRWXG = 56 // 00070(8) , S_IRWXO = 7 // 00007(8) , S_IFMT = 61440 // 00170000(8) , S_IFREG = 32768 // 0100000(8) ; function isRegFile(mode) { return ((mode & S_IFMT) == S_IFREG); } var fieldNames = [ 'host', 'port', 'database', 'user', 'password' ]; var nrOfFields = fieldNames.length; var passKey = fieldNames[ nrOfFields -1 ]; function warn() { var isWritable = ( warnStream instanceof Stream && true === warnStream.writable ); if (isWritable) { var args = Array.prototype.slice.call(arguments).concat("\n"); warnStream.write( util.format.apply(util, args) ); } } Object.defineProperty(module.exports, 'isWin', { get : function() { return isWin; } , set : function(val) { isWin = val; } }); module.exports.warnTo = function(stream) { var old = warnStream; warnStream = stream; return old; }; module.exports.getFileName = function(env){ env = env || process.env; var file = env.PGPASSFILE || ( isWin ? path.join( env.APPDATA , 'postgresql', 'pgpass.conf' ) : path.join( env.HOME, '.pgpass' ) ); return file; }; module.exports.usePgPass = function(stats, fname) { if (Object.prototype.hasOwnProperty.call(process.env, 'PGPASSWORD')) { return false; } if (isWin) { return true; } fname = fname || ''; if (! isRegFile(stats.mode)) { warn('WARNING: password file "%s" is not a plain file', fname); return false; } if (stats.mode & (S_IRWXG | S_IRWXO)) { /* If password file is insecure, alert the user and ignore it. */ warn('WARNING: password file "%s" has group or world access; permissions should be u=rw (0600) or less', fname); return false; } return true; }; var matcher = module.exports.match = function(connInfo, entry) { return fieldNames.slice(0, -1).reduce(function(prev, field, idx){ if (idx == 1) { // the port if ( Number( connInfo[field] || defaultPort ) === Number( entry[field] ) ) { return prev && true; } } return prev && ( entry[field] === '*' || entry[field] === connInfo[field] ); }, true); }; module.exports.getPassword = function(connInfo, stream, cb) { var pass; var lineStream = stream.pipe(new Split()); function onLine(line) { var entry = parseLine(line); if (entry && isValidEntry(entry) && matcher(connInfo, entry)) { pass = entry[passKey]; lineStream.end(); // -> calls onEnd(), but pass is set now } } var onEnd = function() { stream.destroy(); cb(pass); }; var onErr = function(err) { stream.destroy(); warn('WARNING: error on reading file: %s', err); cb(undefined); }; stream.on('error', onErr); lineStream .on('data', onLine) .on('end', onEnd) .on('error', onErr) ; }; var parseLine = module.exports.parseLine = function(line) { if (line.length < 11 || line.match(/^\s+#/)) { return null; } var curChar = ''; var prevChar = ''; var fieldIdx = 0; var startIdx = 0; var endIdx = 0; var obj = {}; var isLastField = false; var addToObj = function(idx, i0, i1) { var field = line.substring(i0, i1); if (! Object.hasOwnProperty.call(process.env, 'PGPASS_NO_DEESCAPE')) { field = field.replace(/\\([:\\])/g, '$1'); } obj[ fieldNames[idx] ] = field; }; for (var i = 0 ; i < line.length-1 ; i += 1) { curChar = line.charAt(i+1); prevChar = line.charAt(i); isLastField = (fieldIdx == nrOfFields-1); if (isLastField) { addToObj(fieldIdx, startIdx); break; } if (i >= 0 && curChar == ':' && prevChar !== '\\') { addToObj(fieldIdx, startIdx, i+1); startIdx = i+2; fieldIdx += 1; } } obj = ( Object.keys(obj).length === nrOfFields ) ? obj : null; return obj; }; var isValidEntry = module.exports.isValidEntry = function(entry){ var rules = { // host 0 : function(x){ return x.length > 0; } , // port 1 : function(x){ if (x === '*') { return true; } x = Number(x); return ( isFinite(x) && x > 0 && x < 9007199254740992 && Math.floor(x) === x ); } , // database 2 : function(x){ return x.length > 0; } , // username 3 : function(x){ return x.length > 0; } , // password 4 : function(x){ return x.length > 0; } }; for (var idx = 0 ; idx < fieldNames.length ; idx += 1) { var rule = rules[idx]; var value = entry[ fieldNames[idx] ] || ''; var res = rule(value); if (!res) { return false; } } return true; }; package/lib/index.js000644 001750 001750 0000000723 13110263363012744 0ustar00000000 000000 'use strict'; var path = require('path') , fs = require('fs') , helper = require('./helper.js') ; module.exports = function(connInfo, cb) { var file = helper.getFileName(); fs.stat(file, function(err, stat){ if (err || !helper.usePgPass(stat, file)) { return cb(undefined); } var st = fs.createReadStream(file); helper.getPassword(connInfo, st, cb); }); }; module.exports.warnTo = helper.warnTo;