Add API functions to libpq to interrogate SSL related stuff.

This makes it possible to query for things like the SSL version and cipher used, without depending on OpenSSL functions or macros. That is a good thing if we ever get another SSL implementation. PQgetssl() still works, but it should be considered as deprecated as it only works with OpenSSL. In particular, PQgetSslInUse() should be used to check if a connection uses SSL, because as soon as we have another implementation, PQgetssl() will return NULL even if SSL is in use.
2025-07-28 23:42:10 +03:00 · 2015-02-03 19:57:52 +02:00
parent 809d9a260b
commit 91fa7b4719
6 changed files with 264 additions and 50 deletions
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@ -381,12 +381,32 @@ retry_masked:
 	return n;
 }

+/* Dummy versions of SSL info functions, when built without SSL support */
 #ifndef USE_SSL
+
+int
+PQsslInUse(PGconn *conn)
+{
+	return 0;
+}
+
 void *
 PQgetssl(PGconn *conn)
 {
 	return NULL;
 }
+
+void *
+PQsslStruct(PGconn *conn, const char *struct_name)
+{
+	return NULL;
+}
+
+const char *
+PQsslAttribute(PGconn *conn, const char *attribute_name)
+{
+	return NULL;
+}
 #endif   /* USE_SSL */