git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff

author Peter Eisentraut <peter_e@gmx.net>

2018年6月26日 08:19:35 +0000 (10:19 +0200)

committer Peter Eisentraut <peter_e@gmx.net>

2018年7月30日 11:46:27 +0000 (13:46 +0200)

This allows querying the SSL implementation used on the server side.
It's analogous to using PQsslAttribute(conn, "library") in libpq.

Reviewed-by: Daniel Gustafsson <daniel@yesql.se>

doc/src/sgml/config.sgml patch | blob | blame | history

src/backend/libpq/be-secure.c patch | blob | blame | history

src/backend/utils/misc/guc.c patch | blob | blame | history

src/include/libpq/libpq.h patch | blob | blame | history

src/test/ssl/t/001_ssltests.pl patch | blob | blame | history

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml

index 4d48d93305a3776af714888e824cb0674738d251..bee4afbe4e763f25dc5333feefd91115349cfc2f 100644 (file)

--- a/doc/src/sgml/config.sgml

+++ b/doc/src/sgml/config.sgml

@@ -8401,6 +8401,22 @@ dynamic_library_path = 'C:\tools\postgresql;H:\my_project\lib;$libdir'

</listitem>

</varlistentry>

+ <varlistentry id="guc-ssl-library" xreflabel="ssl_library">

+ <term><varname>ssl_library</varname> (<type>string</type>)

+ <indexterm>

+ <primary><varname>ssl_library</varname> configuration parameter</primary>

+ </indexterm>

+ </term>

+ <listitem>

+ <para>

+ Reports the name of the SSL library that this PostgreSQL server was

+ built with (even if SSL is not currently configured or in use on this

+ instance), for example <literal>OpenSSL</literal>, or an empty string

+ if none.

+ </para>

+ </listitem>

+ </varlistentry>

<term><varname>wal_block_size</varname> (<type>integer</type>)

diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c

index edfe2c0751c611a26b0734d52f82969f32582a17..d349d7c2c725a649db7e880b0edbd3eddf7bad1f 100644 (file)

--- a/src/backend/libpq/be-secure.c

+++ b/src/backend/libpq/be-secure.c

@@ -38,6 +38,7 @@

#include "storage/proc.h"

+char *ssl_library;

char *ssl_cert_file;

char *ssl_key_file;

char *ssl_ca_file;

diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c

index c123de1a59ef04eb393fc547448a74bb632c359b..c5ba149996e0b13385c87501abcdb984cc2caa11 100644 (file)

--- a/src/backend/utils/misc/guc.c

+++ b/src/backend/utils/misc/guc.c

@@ -3723,6 +3723,21 @@ static struct config_string ConfigureNamesString[] =

check_canonical_path, NULL, NULL

+ {

+ {"ssl_library", PGC_INTERNAL, PRESET_OPTIONS,

+ gettext_noop("Name of the SSL library."),

+ NULL,

+ GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE

+ },

+ &ssl_library,

+#ifdef USE_SSL

+ "OpenSSL",

+#else

+ "",

+#endif

+ NULL, NULL, NULL

+ },

{

{"ssl_cert_file", PGC_SIGHUP, CONN_AUTH_SSL,

gettext_noop("Location of the SSL server certificate file."),

diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h

index 7bf06c65e96ff03abcb37652675793795e29107f..36baf6b9199dbdd9a07b74ff9c92300f30317451 100644 (file)

--- a/src/include/libpq/libpq.h

+++ b/src/include/libpq/libpq.h

@@ -75,6 +75,7 @@ extern int pq_putbytes(const char *s, size_t len);

* prototypes for functions in be-secure.c

+extern char *ssl_library;

extern char *ssl_cert_file;

extern char *ssl_key_file;

extern char *ssl_ca_file;

diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl

index e550207454daaf180b2419ce9c242e0c11399f0d..2b875a3c956a97cdc8288ae1777dcaef3644bd4e 100644 (file)

--- a/src/test/ssl/t/001_ssltests.pl

+++ b/src/test/ssl/t/001_ssltests.pl

@@ -8,7 +8,7 @@ use File::Copy;

if ($ENV{with_openssl} eq 'yes')

{

- plan tests => 64;

+ plan tests => 65;

}

else

{

@@ -49,6 +49,11 @@ $node->init;

$ENV{PGHOST} = $node->host;

$ENV{PGPORT} = $node->port;

$node->start;

+# Run this before we lock down access below.

+my $result = $node->safe_psql('postgres', "SHOW ssl_library");

+is($result, 'OpenSSL', 'ssl_library parameter');

configure_test_server_for_ssl($node, $SERVERHOSTADDR, 'trust');

note "testing password-protected keys";

This is the main PostgreSQL git repository.

RSS Atom