database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-03 09:13:20 +03:00
Code Activity

Add ssl_library preset parameter

Browse Source 
This allows querying the SSL implementation used on the server side.
It's analogous to using PQsslAttribute(conn, "library") in libpq.

Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
This commit is contained in:
Peter Eisentraut
2018-06-26 10:19:35 +02:00
parent ab87b8fedc
commit 98efa76fe3
5 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
doc/src/sgml/config.sgml
View File

@@ -8401,6 +8401,22 @@ dynamic_library_path = 'C:\tools\postgresql;H:\my_project\lib;$libdir'
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry id="guc-ssl-library" xreflabel="ssl_library">
<term><varname>ssl_library</varname> (<type>string</type>)
<indexterm>
<primary><varname>ssl_library</varname> configuration parameter</primary>
</indexterm>
</term>
<listitem>
<para>
Reports the name of the SSL library that this PostgreSQL server was
built with (even if SSL is not currently configured or in use on this
instance), for example <literal>OpenSSL</literal>, or an empty string
if none.
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-wal-block-size" xreflabel="wal_block_size"> <varlistentry id="guc-wal-block-size" xreflabel="wal_block_size">
<term><varname>wal_block_size</varname> (<type>integer</type>) <term><varname>wal_block_size</varname> (<type>integer</type>)
<indexterm> <indexterm>

1
src/backend/libpq/be-secure.c
View File

@@ -38,6 +38,7 @@
#include "storage/proc.h" #include "storage/proc.h"
char *ssl_library;
char *ssl_cert_file; char *ssl_cert_file;
char *ssl_key_file; char *ssl_key_file;
char *ssl_ca_file; char *ssl_ca_file;

15
src/backend/utils/misc/guc.c
View File

@@ -3723,6 +3723,21 @@ static struct config_string ConfigureNamesString[] =
check_canonical_path, NULL, NULL check_canonical_path, NULL, NULL
}, },
{
{"ssl_library", PGC_INTERNAL, PRESET_OPTIONS,
gettext_noop("Name of the SSL library."),
NULL,
GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
},
&ssl_library,
#ifdef USE_SSL
"OpenSSL",
#else
"",
#endif
NULL, NULL, NULL
},
{ {
{"ssl_cert_file", PGC_SIGHUP, CONN_AUTH_SSL, {"ssl_cert_file", PGC_SIGHUP, CONN_AUTH_SSL,
gettext_noop("Location of the SSL server certificate file."), gettext_noop("Location of the SSL server certificate file."),

1
src/include/libpq/libpq.h
View File

@@ -75,6 +75,7 @@ extern int pq_putbytes(const char *s, size_t len);
/* /*
* prototypes for functions in be-secure.c * prototypes for functions in be-secure.c
*/ */
extern char *ssl_library;
extern char *ssl_cert_file; extern char *ssl_cert_file;
extern char *ssl_key_file; extern char *ssl_key_file;
extern char *ssl_ca_file; extern char *ssl_ca_file;

7
src/test/ssl/t/001_ssltests.pl
View File

@@ -8,7 +8,7 @@ use File::Copy;
if ($ENV{with_openssl} eq 'yes') if ($ENV{with_openssl} eq 'yes')
{ {
plan tests => 64; plan tests => 65;
} }
else else
{ {
@@ -49,6 +49,11 @@ $node->init;
$ENV{PGHOST} = $node->host; $ENV{PGHOST} = $node->host;
$ENV{PGPORT} = $node->port; $ENV{PGPORT} = $node->port;
$node->start; $node->start;
# Run this before we lock down access below.
my $result = $node->safe_psql('postgres', "SHOW ssl_library");
is($result, 'OpenSSL', 'ssl_library parameter');
configure_test_server_for_ssl($node, $SERVERHOSTADDR, 'trust'); configure_test_server_for_ssl($node, $SERVERHOSTADDR, 'trust');
note "testing password-protected keys"; note "testing password-protected keys";