vendor

2026-03-09 09:42:09 -06:00
parent 287256a20d
commit 886c4aabff
1767 changed files with 6581574 additions and 0 deletions
--- a/vendor/github.com/lib/pq/internal/pqutil/path.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/path.go
@@ -0,0 +1,65 @@
+package pqutil
+
+import (
+	"fmt"
+	"os"
+	"os/user"
+	"path/filepath"
+	"runtime"
+)
+
+// Home gets the user's home directory. Matches pqGetHomeDirectory() from
+// PostgreSQL
+//
+// https://github.com/postgres/postgres/blob/2b117bb/src/interfaces/libpq/fe-connect.c#L8214
+func Home() string {
+	if runtime.GOOS == "windows" {
+		// pq uses SHGetFolderPath(), which is deprecated but x/sys/windows has
+		// KnownFolderPath(). We don't really want to pull that in though, so
+		// use APPDATA env. This is also what PostgreSQL uses in some other
+		// codepaths (get_home_path() for example).
+		ad := os.Getenv("APPDATA")
+		if ad == "" {
+			return ""
+		}
+		return filepath.Join(ad, "postgresql")
+	}
+
+	home, _ := os.UserHomeDir()
+	if home == "" {
+		u, err := user.Current()
+		if err != nil {
+			return ""
+		}
+		home = u.HomeDir
+	}
+	return home
+}
+
+// Pgpass gets the filepath to the pgpass file to use, returning "" if a pgpass
+// file shouldn't be used.
+func Pgpass(passfile string) string {
+	// Get passfile from the options.
+	if passfile == "" {
+		home := Home()
+		if home == "" {
+			return ""
+		}
+		passfile = filepath.Join(home, ".pgpass")
+	}
+
+	// On Win32, the directory is protected, so we don't have to check the file.
+	if runtime.GOOS != "windows" {
+		fi, err := os.Stat(passfile)
+		if err != nil {
+			return ""
+		}
+		if fi.Mode().Perm()&(0x77) != 0 {
+			fmt.Fprintf(os.Stderr,
+				"WARNING: password file %q has group or world access; permissions should be u=rw (0600) or less\n",
+				passfile)
+			return ""
+		}
+	}
+	return passfile
+}
--- a/vendor/github.com/lib/pq/internal/pqutil/perm.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/perm.go
@@ -0,0 +1,64 @@
+//go:build !windows && !plan9
+
+package pqutil
+
+import (
+	"errors"
+	"os"
+	"syscall"
+)
+
+var (
+	ErrSSLKeyUnknownOwnership    = errors.New("pq: could not get owner information for private key, may not be properly protected")
+	ErrSSLKeyHasWorldPermissions = errors.New("pq: private key has world access; permissions should be u=rw,g=r (0640) if owned by root, or u=rw (0600), or less")
+)
+
+// SSLKeyPermissions checks the permissions on user-supplied SSL key files,
+// which should have very little access. libpq does not check key file
+// permissions on Windows.
+//
+// If the file is owned by the same user the process is running as, the file
+// should only have 0600. If the file is owned by root, and the group matches
+// the group that the process is running in, the permissions cannot be more than
+// 0640. The file should never have world permissions.
+//
+// Returns an error when the permission check fails.
+func SSLKeyPermissions(sslkey string) error {
+	fi, err := os.Stat(sslkey)
+	if err != nil {
+		return err
+	}
+
+	return checkPermissions(fi)
+}
+
+func checkPermissions(fi os.FileInfo) error {
+	// The maximum permissions that a private key file owned by a regular user
+	// is allowed to have. This translates to u=rw. Regardless of if we're
+	// running as root or not, 0600 is acceptable, so we return if we match the
+	// regular user permission mask.
+	if fi.Mode().Perm()&os.FileMode(0777)^0600 == 0 {
+		return nil
+	}
+
+	// We need to pull the Unix file information to get the file's owner.
+	// If we can't access it, there's some sort of operating system level error
+	// and we should fail rather than attempting to use faulty information.
+	sys, ok := fi.Sys().(*syscall.Stat_t)
+	if !ok {
+		return ErrSSLKeyUnknownOwnership
+	}
+
+	// if the file is owned by root, we allow 0640 (u=rw,g=r) to match what
+	// Postgres does.
+	if sys.Uid == 0 {
+		// The maximum permissions that a private key file owned by root is
+		// allowed to have. This translates to u=rw,g=r.
+		if fi.Mode().Perm()&os.FileMode(0777)^0640 != 0 {
+			return ErrSSLKeyHasWorldPermissions
+		}
+		return nil
+	}
+
+	return ErrSSLKeyHasWorldPermissions
+}
--- a/vendor/github.com/lib/pq/internal/pqutil/perm_unsupported.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/perm_unsupported.go
@@ -0,0 +1,12 @@
+//go:build windows || plan9
+
+package pqutil
+
+import "errors"
+
+var (
+	ErrSSLKeyUnknownOwnership    = errors.New("unused")
+	ErrSSLKeyHasWorldPermissions = errors.New("unused")
+)
+
+func SSLKeyPermissions(sslkey string) error { return nil }
--- a/vendor/github.com/lib/pq/internal/pqutil/pqutil.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/pqutil.go
@@ -0,0 +1,32 @@
+package pqutil
+
+import (
+	"strconv"
+	"strings"
+)
+
+// ParseBool is like strconv.ParseBool, but also accepts "yes"/"no" and
+// "on"/"off".
+func ParseBool(str string) (bool, error) {
+	switch str {
+	case "1", "t", "T", "true", "TRUE", "True", "yes", "on":
+		return true, nil
+	case "0", "f", "F", "false", "FALSE", "False", "no", "off":
+		return false, nil
+	}
+	return false, &strconv.NumError{Func: "ParseBool", Num: str, Err: strconv.ErrSyntax}
+}
+
+func Join[S ~[]E, E ~string](s S) string {
+	var b strings.Builder
+	for i := range s {
+		if i > 0 {
+			b.WriteString(", ")
+		}
+		if i == len(s)-1 {
+			b.WriteString("or ")
+		}
+		b.WriteString(string(s[i]))
+	}
+	return b.String()
+}
--- a/vendor/github.com/lib/pq/internal/pqutil/user_other.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/user_other.go
@@ -0,0 +1,9 @@
+//go:build js || android || hurd || zos || wasip1 || appengine
+
+package pqutil
+
+import "errors"
+
+func User() (string, error) {
+	return "", errors.New("pqutil.User: not supported on current platform")
+}
--- a/vendor/github.com/lib/pq/internal/pqutil/user_posix.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/user_posix.go
@@ -0,0 +1,25 @@
+//go:build !windows && !js && !android && !hurd && !zos && !wasip1 && !appengine
+
+package pqutil
+
+import (
+	"os"
+	"os/user"
+	"runtime"
+)
+
+func User() (string, error) {
+	env := "USER"
+	if runtime.GOOS == "plan9" {
+		env = "user"
+	}
+	if n := os.Getenv(env); n != "" {
+		return n, nil
+	}
+
+	u, err := user.Current()
+	if err != nil {
+		return "", err
+	}
+	return u.Username, nil
+}
--- a/vendor/github.com/lib/pq/internal/pqutil/user_windows.go
+++ b/vendor/github.com/lib/pq/internal/pqutil/user_windows.go
@@ -0,0 +1,28 @@
+//go:build windows && !appengine
+
+package pqutil
+
+import (
+	"path/filepath"
+	"syscall"
+)
+
+func User() (string, error) {
+	// Perform Windows user name lookup identically to libpq.
+	//
+	// The PostgreSQL code makes use of the legacy Win32 function GetUserName,
+	// and that function has not been imported into stock Go. GetUserNameEx is
+	// available though, the difference being that a wider range of names are
+	// available.  To get the output to be the same as GetUserName, only the
+	// base (or last) component of the result is returned.
+	var (
+		name     = make([]uint16, 128)
+		pwnameSz = uint32(len(name)) - 1
+	)
+	err := syscall.GetUserNameEx(syscall.NameSamCompatible, &name[0], &pwnameSz)
+	if err != nil {
+		return "", err
+	}
+	s := syscall.UTF16ToString(name)
+	return filepath.Base(s), nil
+}