postgrespro
diff --git a/‎doc/src/sgml/ref/alter_role.sgml
Lines changed: 11 additions & 1 deletion b/‎doc/src/sgml/ref/alter_role.sgml
Lines changed: 11 additions & 1 deletion
diff --git a/‎doc/src/sgml/ref/create_role.sgml
Lines changed: 13 additions & 1 deletion b/‎doc/src/sgml/ref/create_role.sgml
Lines changed: 13 additions & 1 deletion
diff --git a/‎doc/src/sgml/ref/psql-ref.sgml
Lines changed: 14 additions & 1 deletion b/‎doc/src/sgml/ref/psql-ref.sgml
Lines changed: 14 additions & 1 deletion
diff --git a/‎src/bin/psql/Makefile
Lines changed: 15 additions & 6 deletions b/‎src/bin/psql/Makefile
Lines changed: 15 additions & 6 deletions
diff --git a/‎src/bin/psql/command.c
Lines changed: 70 additions & 17 deletions b/‎src/bin/psql/command.c
Lines changed: 70 additions & 17 deletions
diff --git a/‎src/bin/psql/command.h
Lines changed: 7 additions & 7 deletions b/‎src/bin/psql/command.h
Lines changed: 7 additions & 7 deletions
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.2 2005/07/31 17:19:17 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.3 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -182,6 +182,16 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> RESET <replaceable>
    to do that.
   </para>
 
+  <para>
+   Caution must be exercised when specifying an unencrypted password
+   with this command.  The password will be transmitted to the server
+   in cleartext, and it might also be logged in the client's command
+   history or the server log.  <xref linkend="app-psql"
+   endterm="app-psql-title"> contains a command
+   <command>\password</command> that can be used to safely change a
+   role's password.
+  </para>
+
   <para>
    It is also possible to tie a
    session default to a specific database rather than to a role; see
 
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/create_role.sgml,v 1.4 2005/11/03 00:51:43 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/create_role.sgml,v 1.5 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -357,6 +357,18 @@ where <replaceable class="PARAMETER">option</replaceable> can be:
    connection <quote>slot</> remains for the role, it is possible that
    both will fail.  Also, the limit is never enforced for superusers.
   </para>
+
+  <para>
+   Caution must be exercised when specifying an unencrypted password
+   with this command.  The password will be transmitted to the server
+   in cleartext, and it might also be logged in the client's command
+   history or the server log.  The command <xref
+   linkend="APP-CREATEUSER" endterm="APP-CREATEUSER-title">, however, transmits
+   the password encrypted.  Also, <xref linkend="app-psql"
+   endterm="app-psql-title"> contains a command
+   <command>\password</command> that can be used to safely change the
+   password later.
+  </para>
  </refsect1>
 
  <refsect1>
 
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/psql-ref.sgml,v 1.155 2005/12/09 19:19:17 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/psql-ref.sgml,v 1.156 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -1379,6 +1379,19 @@ lo_import 152801
       </varlistentry>
 
 
+      <varlistentry>
+        <term><literal>\password [ <replaceable class=parameter>username</replaceable> ]</literal>
+        <listitem>
+        <para>
+        Changes the password of the specified user or by default the
+        current user.  This command prompts for the new password,
+        encrypts it, and sends it to the server.  This makes sure that
+        the new password does not appear in the command history, the
+        server log, or elsewhere in cleartext.
+        </para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><literal>\pset <replaceable class="parameter">parameter</replaceable> [ <replaceable class="parameter">value</replaceable> ]</literal></term>
 
 
@@ -5,7 +5,7 @@
 # Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
 # Portions Copyright (c) 1994, Regents of the University of California
 #
-# $PostgreSQL: pgsql/src/bin/psql/Makefile,v 1.55 2005/12/09 21:19:35 petere Exp $
+# $PostgreSQL: pgsql/src/bin/psql/Makefile,v 1.56 2005/12/18 02:17:16 petere Exp $
 #
 #-------------------------------------------------------------------------
 
@@ -17,22 +17,27 @@ include $(top_builddir)/src/Makefile.global
 
 REFDOCDIR= $(top_srcdir)/doc/src/sgml/ref
 
-override CPPFLAGS := -DFRONTEND -I$(srcdir) -I$(libpq_srcdir) $(CPPFLAGS)
+override CPPFLAGS := -DFRONTEND -I$(srcdir) -I$(libpq_srcdir) -I$(top_srcdir)/src/bin/pg_dump $(CPPFLAGS)
 
 OBJS=	command.o common.o help.o input.o stringutils.o mainloop.o copy.o \
 	startup.o prompt.o variables.o large_obj.o print.o describe.o \
-	psqlscan.o tab-complete.o mbprint.o $(WIN32RES)
+	psqlscan.o tab-complete.o mbprint.o dumputils.o $(WIN32RES)
+
+EXTRA_OBJS = $(top_builddir)/src/backend/parser/keywords.o
 
 FLEXFLAGS = -Cfe
 
 
-all: submake-libpq submake-libpgport psql
+all: submake-libpq submake-libpgport submake-backend psql
 
 psql: $(OBJS) $(libpq_builddir)/libpq.a
-	$(CC) $(CFLAGS) $(OBJS) $(libpq_pgport) $(LDFLAGS) $(LIBS) -o $@$(X)
+	$(CC) $(CFLAGS) $(OBJS) $(EXTRA_OBJS) $(libpq_pgport) $(LDFLAGS) $(LIBS) -o $@$(X)
 
 help.o: $(srcdir)/sql_help.h
 
+dumputils.c: % : $(top_srcdir)/src/bin/pg_dump/%
+	rm -f $@ && $(LN_S) $< .
+
 ifdef PERL
 $(srcdir)/sql_help.h: create_help.pl $(wildcard $(REFDOCDIR)/*.sgml)
 	$(PERL) $< $(REFDOCDIR) $@
@@ -48,6 +53,10 @@ else
 	@$(missing) flex $< $@
 endif
 
+.PHONY: submake-backend
+submake-backend:
+	$(MAKE) -C $(top_builddir)/src/backend/parser keywords.o
+
 distprep: $(srcdir)/sql_help.h $(srcdir)/psqlscan.c
 
 install: all installdirs
@@ -62,7 +71,7 @@ uninstall:
 
 # psqlscan.c is in the distribution tarball, so is not cleaned here
 clean distclean:
-	rm -f psql$(X) $(OBJS)
+	rm -f psql$(X) $(OBJS) dumputils.c
 
 maintainer-clean: distclean
 	rm -f $(srcdir)/sql_help.h $(srcdir)/psqlscan.c
@@ -3,7 +3,7 @@
  *
  * Copyright (c) 2000-2005, PostgreSQL Global Development Group
  *
- * $PostgreSQL: pgsql/src/bin/psql/command.c,v 1.155 2005/12/08 21:18:22 petere Exp $
+ * $PostgreSQL: pgsql/src/bin/psql/command.c,v 1.156 2005/12/18 02:17:16 petere Exp $
  */
 #include "postgres_fe.h"
 #include "command.h"
@@ -35,6 +35,8 @@
 
 #include "libpq-fe.h"
 #include "pqexpbuffer.h"
+#include "libpq/crypt.h"
+#include "dumputils.h"
 
 #include "common.h"
 #include "copy.h"
@@ -81,7 +83,7 @@ backslashResult
 HandleSlashCmds(PsqlScanState scan_state,
 				PQExpBuffer query_buf)
 {
-	backslashResult status = CMD_SKIP_LINE;
+	backslashResult status = PSQL_CMD_SKIP_LINE;
 	char	   *cmd;
 	char	   *arg;
 
@@ -93,7 +95,7 @@ HandleSlashCmds(PsqlScanState scan_state,
 	/* And try to execute it */
 	status = exec_command(cmd, scan_state, query_buf);
 
-	if (status == CMD_UNKNOWN && strlen(cmd) > 1)
+	if (status == PSQL_CMD_UNKNOWN && strlen(cmd) > 1)
 	{
 		/*
 		 * If the command was not recognized, try to parse it as a one-letter
@@ -110,23 +112,23 @@ HandleSlashCmds(PsqlScanState scan_state,
 
 		status = exec_command(new_cmd, scan_state, query_buf);
 
-		if (status != CMD_UNKNOWN)
+		if (status != PSQL_CMD_UNKNOWN)
 		{
 			/* adjust cmd for possible messages below */
 			cmd[1] = '\0';
 		}
 	}
 
-	if (status == CMD_UNKNOWN)
+	if (status == PSQL_CMD_UNKNOWN)
 	{
 		if (pset.cur_cmd_interactive)
 			fprintf(stderr, _("Invalid command \\%s. Try \\? for help.\n"), cmd);
 		else
 			psql_error("invalid command \\%s\n", cmd);
-		status = CMD_ERROR;
+		status = PSQL_CMD_ERROR;
 	}
 
-	if (status != CMD_ERROR)
+	if (status != PSQL_CMD_ERROR)
 	{
 		/* eat any remaining arguments after a valid command */
 		/* note we suppress evaluation of backticks here */
@@ -164,7 +166,7 @@ exec_command(const char *cmd,
 	bool		success = true; /* indicate here if the command ran ok or
 								 * failed */
 	bool		quiet = QUIET();
-	backslashResult status = CMD_SKIP_LINE;
+	backslashResult status = PSQL_CMD_SKIP_LINE;
 
 	/*
 	 * \a -- toggle field alignment This makes little sense but we keep it
@@ -368,7 +370,7 @@ exec_command(const char *cmd,
 				break;
 
 			default:
-				status = CMD_UNKNOWN;
+				status = PSQL_CMD_UNKNOWN;
 		}
 
 		if (pattern)
@@ -387,7 +389,7 @@ exec_command(const char *cmd,
 		if (!query_buf)
 		{
 			psql_error("no query buffer\n");
-			status = CMD_ERROR;
+			status = PSQL_CMD_ERROR;
 		}
 		else
 		{
@@ -396,7 +398,7 @@ exec_command(const char *cmd,
 			expand_tilde(&fname);
 			if (fname)
 				canonicalize_path(fname);
-			status = do_edit(fname, query_buf) ? CMD_NEWEDIT : CMD_ERROR;
+			status = do_edit(fname, query_buf) ? PSQL_CMD_NEWEDIT : PSQL_CMD_ERROR;
 			free(fname);
 		}
 	}
@@ -486,7 +488,7 @@ exec_command(const char *cmd,
 			pset.gfname = pg_strdup(fname);
 		}
 		free(fname);
-		status = CMD_SEND;
+		status = PSQL_CMD_SEND;
 	}
 
 	/* help */
@@ -590,7 +592,7 @@ exec_command(const char *cmd,
 		}
 
 		else
-			status = CMD_UNKNOWN;
+			status = PSQL_CMD_UNKNOWN;
 
 		free(opt1);
 		free(opt2);
@@ -618,6 +620,57 @@ exec_command(const char *cmd,
 		fflush(stdout);
 	}
 
+	/* \password -- set user password */
+	else if (strcmp(cmd, "password") == 0)
+	{
+		char	   *pw1;
+		char	   *pw2;
+
+		pw1 = simple_prompt("Enter new password: ", 100, false);
+		pw2 = simple_prompt("Enter it again: ", 100, false);
+
+		if (strcmp(pw1, pw2) != 0)
+		{
+			fprintf(stderr, _("Passwords didn't match.\n"));
+			success = false;
+		}
+		else
+		{
+			char	   *opt0 = psql_scan_slash_option(scan_state, OT_SQLID, NULL, true);
+			char	   *user;
+			char		encrypted_password[MD5_PASSWD_LEN + 1];
+
+			if (opt0)
+				user = opt0;
+			else
+				user = PQuser(pset.db);
+
+			if (!pg_md5_encrypt(pw1, user, strlen(user), encrypted_password))
+			{
+				fprintf(stderr, _("Password encryption failed.\n"));
+				success = false;
+			}
+			else
+			{
+				PQExpBufferData buf;
+				PGresult   *res;
+
+				initPQExpBuffer(&buf);
+				printfPQExpBuffer(&buf, "ALTER ROLE %s PASSWORD '%s';",
+								  fmtId(user), encrypted_password);
+				res = PSQLexec(buf.data, false);
+				termPQExpBuffer(&buf);
+				if (!res)
+					success = false;
+				else
+					PQclear(res);
+			}
+		}
+
+		free(pw1);
+		free(pw2);
+	}
+
 	/* \pset -- set printing parameters */
 	else if (strcmp(cmd, "pset") == 0)
 	{
@@ -640,7 +693,7 @@ exec_command(const char *cmd,
 
 	/* \q or \quit */
 	else if (strcmp(cmd, "q") == 0 || strcmp(cmd, "quit") == 0)
-		status = CMD_TERMINATE;
+		status = PSQL_CMD_TERMINATE;
 
 	/* reset(clear) the buffer */
 	else if (strcmp(cmd, "r") == 0 || strcmp(cmd, "reset") == 0)
@@ -780,7 +833,7 @@ exec_command(const char *cmd,
 		if (!query_buf)
 		{
 			psql_error("no query buffer\n");
-			status = CMD_ERROR;
+			status = PSQL_CMD_ERROR;
 		}
 		else
 		{
@@ -884,10 +937,10 @@ exec_command(const char *cmd,
 #endif
 
 	else
-		status = CMD_UNKNOWN;
+		status = PSQL_CMD_UNKNOWN;
 
 	if (!success)
-		status = CMD_ERROR;
+		status = PSQL_CMD_ERROR;
 
 	return status;
 }
 
@@ -3,7 +3,7 @@
  *
  * Copyright (c) 2000-2005, PostgreSQL Global Development Group
  *
- * $PostgreSQL: pgsql/src/bin/psql/command.h,v 1.22 2005/01/01 05:43:08 momjian Exp $
+ * $PostgreSQL: pgsql/src/bin/psql/command.h,v 1.23 2005/12/18 02:17:16 petere Exp $
  */
 #ifndef COMMAND_H
 #define COMMAND_H
@@ -15,12 +15,12 @@
 
 typedef enum _backslashResult
 {
-	CMD_UNKNOWN = 0,			/* not done parsing yet (internal only) */
-	CMD_SEND,					/* query complete; send off */
-	CMD_SKIP_LINE,				/* keep building query */
-	CMD_TERMINATE,				/* quit program */
-	CMD_NEWEDIT,				/* query buffer was changed (e.g., via \e) */
-	CMD_ERROR					/* the execution of the backslash command
+	PSQL_CMD_UNKNOWN = 0,			/* not done parsing yet (internal only) */
+	PSQL_CMD_SEND,					/* query complete; send off */
+	PSQL_CMD_SKIP_LINE,				/* keep building query */
+	PSQL_CMD_TERMINATE,				/* quit program */
+	PSQL_CMD_NEWEDIT,				/* query buffer was changed (e.g., via \e) */
+	PSQL_CMD_ERROR					/* the execution of the backslash command
 								 * resulted in an error */
 } backslashResult;