Revert "Add notBefore and notAfter to SSL cert info display"

Due to an oversight in reviewing, this used functionality not
compatible with old versions of OpenSSL.

This reverts commit 75ec5e7bec.

contrib/sslinfo/Makefile

@@ -6,7 +6,7 @@ OBJS = \
 	sslinfo.o
 
 EXTENSION = sslinfo
-DATA = sslinfo--1.2--1.3.sql sslinfo--1.2.sql sslinfo--1.1--1.2.sql sslinfo--1.0--1.1.sql
+DATA = sslinfo--1.2.sql sslinfo--1.1--1.2.sql sslinfo--1.0--1.1.sql
 PGFILEDESC = "sslinfo - information about client SSL certificate"
 
 ifdef USE_PGXS

contrib/sslinfo/meson.build

@@ -26,7 +26,6 @@ install_data(
   'sslinfo--1.0--1.1.sql',
   'sslinfo--1.1--1.2.sql',
   'sslinfo--1.2.sql',
-  'sslinfo--1.2--1.3.sql',
   'sslinfo.control',
   kwargs: contrib_data_args,
 )

contrib/sslinfo/sslinfo--1.2--1.3.sql

@@ -1,12 +0,0 @@
-/* contrib/sslinfo/sslinfo--1.2--1.3.sql */
-
--- complain if script is sourced in psql, rather than via CREATE EXTENSION
-\echo Use "CREATE EXTENSION sslinfo" to load this file. \quit
-
-CREATE FUNCTION ssl_client_get_notbefore() RETURNS timestamp
-AS 'MODULE_PATHNAME', 'ssl_client_get_notbefore'
-LANGUAGE C STRICT PARALLEL RESTRICTED;
-
-CREATE FUNCTION ssl_client_get_notafter() RETURNS timestamp
-AS 'MODULE_PATHNAME', 'ssl_client_get_notafter'
-LANGUAGE C STRICT PARALLEL RESTRICTED;

contrib/sslinfo/sslinfo.c

@@ -18,7 +18,6 @@
 #include "libpq/libpq-be.h"
 #include "miscadmin.h"
 #include "utils/builtins.h"
-#include "utils/timestamp.h"
 
 /*
  * On Windows, <wincrypt.h> includes a #define for X509_NAME, which breaks our
@@ -35,7 +34,6 @@ PG_MODULE_MAGIC;
 
 static Datum X509_NAME_field_to_text(X509_NAME *name, text *fieldName);
 static Datum ASN1_STRING_to_text(ASN1_STRING *str);
-static Datum ASN1_TIME_to_timestamp(ASN1_TIME *time);
 
 /*
  * Function context for data persisting over repeated calls.
@@ -227,39 +225,6 @@ X509_NAME_field_to_text(X509_NAME *name, text *fieldName)
 }
 
 
-/*
- * Converts OpenSSL ASN1_TIME structure into timestamp
- *
- * Parameter: time - OpenSSL ASN1_TIME structure.
- *
- * Returns Datum, which can be directly returned from a C language SQL
- * function.
- */
-static Datum
-ASN1_TIME_to_timestamp(ASN1_TIME * time)
-{
-	struct tm	tm_time;
-	struct pg_tm pgtm_time;
-	Timestamp	ts;
-
-	ASN1_TIME_to_tm(time, &tm_time);
-
-	pgtm_time.tm_sec = tm_time.tm_sec;
-	pgtm_time.tm_min = tm_time.tm_min;
-	pgtm_time.tm_hour = tm_time.tm_hour;
-	pgtm_time.tm_mday = tm_time.tm_mday;
-	pgtm_time.tm_mon = tm_time.tm_mon + 1;
-	pgtm_time.tm_year = tm_time.tm_year + 1900;
-
-	if (tm2timestamp(&pgtm_time, 0, NULL, &ts))
-		ereport(ERROR,
-				(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-				 errmsg("failed to convert tm to timestamp")));
-
-	PG_RETURN_TIMESTAMP(ts);
-}
-
-
 /*
  * Returns specified field of client certificate distinguished name
  *
@@ -517,35 +482,3 @@ ssl_extension_info(PG_FUNCTION_ARGS)
 	/* All done */
 	SRF_RETURN_DONE(funcctx);
 }
-
-/*
- * Returns current client certificate notBefore timestamp in
- * timestamp data type
- */
-PG_FUNCTION_INFO_V1(ssl_client_get_notbefore);
-Datum
-ssl_client_get_notbefore(PG_FUNCTION_ARGS)
-{
-	X509	   *cert = MyProcPort->peer;
-
-	if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid)
-		PG_RETURN_NULL();
-
-	return ASN1_TIME_to_timestamp(X509_get_notBefore(cert));
-}
-
-/*
- * Returns current client certificate notAfter timestamp in
- * timestamp data type
- */
-PG_FUNCTION_INFO_V1(ssl_client_get_notafter);
-Datum
-ssl_client_get_notafter(PG_FUNCTION_ARGS)
-{
-	X509	   *cert = MyProcPort->peer;
-
-	if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid)
-		PG_RETURN_NULL();
-
-	return ASN1_TIME_to_timestamp(X509_get_notAfter(cert));
-}

contrib/sslinfo/sslinfo.control

@@ -1,5 +1,5 @@
 # sslinfo extension
 comment = 'information about SSL certificates'
-default_version = '1.3'
+default_version = '1.2'
 module_pathname = '$libdir/sslinfo'
 relocatable = true