Revert "Add notBefore and notAfter to SSL cert info display"

Due to an oversight in reviewing, this used functionality not compatible with old versions of OpenSSL. This reverts commit 75ec5e7bec.
2025-11-21 00:42:43 +03:00 · 2023-07-20 17:18:12 +02:00
parent 75ec5e7bec
commit 29a0ccbce9
18 changed files with 33 additions and 246 deletions
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -36,7 +36,6 @@
 #include "tcop/tcopprot.h"
 #include "utils/builtins.h"
 #include "utils/memutils.h"
-#include "utils/timestamp.h"

 /*
 * These SSL-related #includes must come after all system-provided headers.
@@ -73,7 +72,6 @@ static bool initialize_ecdh(SSL_CTX *context, bool isServerStart);
 static const char *SSLerrmessage(unsigned long ecode);

 static char *X509_NAME_to_cstring(X509_NAME *name);
-static Timestamp ASN1_TIME_to_timestamp(ASN1_TIME *time);

 static SSL_CTX *SSL_context = NULL;
 static bool SSL_initialized = false;
@@ -1408,24 +1406,6 @@ be_tls_get_peer_issuer_name(Port *port, char *ptr, size_t len)
 		ptr[0] = '\0';
 }

-void
-be_tls_get_peer_not_before(Port *port, Timestamp *ptr)
-{
-	if (port->peer)
-		*ptr = ASN1_TIME_to_timestamp(X509_get_notBefore(port->peer));
-	else
-		*ptr = 0;
-}
-
-void
-be_tls_get_peer_not_after(Port *port, Timestamp *ptr)
-{
-	if (port->peer)
-		*ptr = ASN1_TIME_to_timestamp(X509_get_notAfter(port->peer));
-	else
-		*ptr = 0;
-}
-
 void
 be_tls_get_peer_serial(Port *port, char *ptr, size_t len)
 {
@@ -1569,33 +1549,6 @@ X509_NAME_to_cstring(X509_NAME *name)
 	return result;
 }

-/*
- * Convert an ASN1_TIME to a Timestamp
- */
-static Timestamp
-ASN1_TIME_to_timestamp(ASN1_TIME * time)
-{
-	struct tm	tm_time;
-	struct pg_tm pgtm_time;
-	Timestamp	ts;
-
-	ASN1_TIME_to_tm(time, &tm_time);
-
-	pgtm_time.tm_sec = tm_time.tm_sec;
-	pgtm_time.tm_min = tm_time.tm_min;
-	pgtm_time.tm_hour = tm_time.tm_hour;
-	pgtm_time.tm_mday = tm_time.tm_mday;
-	pgtm_time.tm_mon = tm_time.tm_mon + 1;
-	pgtm_time.tm_year = tm_time.tm_year + 1900;
-
-	if (tm2timestamp(&pgtm_time, 0, NULL, &ts))
-		ereport(ERROR,
-				(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-				 errmsg("timestamp out of range")));
-
-	return ts;
-}
-
 /*
 * Convert TLS protocol version GUC enum to OpenSSL values
 *