database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-03 20:02:46 +03:00
Code Activity

libpq error message refactoring, part 2

Browse Source 
This applies the new APIs to the code.

Reviewed-by: Alvaro Herrera <alvherre@alvh.no-ip.org>
Discussion: https://www.postgresql.org/message-id/flat/7c0232ef-7b44-68db-599d-b327d0640a77@enterprisedb.com
This commit is contained in:
Peter Eisentraut
2022-11-15 11:50:04 +01:00
parent 0873b2d354
commit a9e9a9f32b
12 changed files with 463 additions and 774 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/interfaces/libpq/fe-secure-common.c
View File

@ -96,8 +96,7 @@ pq_verify_peer_name_matches_certificate_name(PGconn *conn,
if (!(host && host[0] != '\0'))
{
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("host name must be specified\n"));
libpq_append_conn_error(conn, "host name must be specified");
return -1;
}
@ -108,8 +107,7 @@ pq_verify_peer_name_matches_certificate_name(PGconn *conn,
name = malloc(namelen + 1);
if (name == NULL)
{
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("out of memory\n"));
libpq_append_conn_error(conn, "out of memory");
return -1;
}
memcpy(name, namedata, namelen);
@ -122,8 +120,7 @@ pq_verify_peer_name_matches_certificate_name(PGconn *conn,
if (namelen != strlen(name))
{
free(name);
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("SSL certificate's name contains embedded null\n"));
libpq_append_conn_error(conn, "SSL certificate's name contains embedded null");
return -1;
}
@ -173,8 +170,7 @@ pq_verify_peer_name_matches_certificate_ip(PGconn *conn,
if (!(host && host[0] != '\0'))
{
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("host name must be specified\n"));
libpq_append_conn_error(conn, "host name must be specified");
return -1;
}
@ -229,8 +225,7 @@ pq_verify_peer_name_matches_certificate_ip(PGconn *conn,
* Not IPv4 or IPv6. We could ignore the field, but leniency seems
* wrong given the subject matter.
*/
appendPQExpBuffer(&conn->errorMessage,
libpq_gettext("certificate contains IP address with invalid length %zu\n"),
libpq_append_conn_error(conn, "certificate contains IP address with invalid length %zu",
iplen);
return -1;
}
@ -239,8 +234,7 @@ pq_verify_peer_name_matches_certificate_ip(PGconn *conn,
addrstr = pg_inet_net_ntop(family, ipdata, 8 * iplen, tmp, sizeof(tmp));
if (!addrstr)
{
appendPQExpBuffer(&conn->errorMessage,
libpq_gettext("could not convert certificate's IP address to string: %s\n"),
libpq_append_conn_error(conn, "could not convert certificate's IP address to string: %s",
strerror_r(errno, sebuf, sizeof(sebuf)));
return -1;
}
@ -272,8 +266,7 @@ pq_verify_peer_name_matches_certificate(PGconn *conn)
/* Check that we have a hostname to compare with. */
if (!(host && host[0] != '\0'))
{
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("host name must be specified for a verified SSL connection\n"));
libpq_append_conn_error(conn, "host name must be specified for a verified SSL connection");
return false;
}
@ -290,21 +283,20 @@ pq_verify_peer_name_matches_certificate(PGconn *conn)
if (names_examined > 1)
{
appendPQExpBuffer(&conn->errorMessage,
libpq_ngettext("server certificate for \"%s\" (and %d other name) does not match host name \"%s\"\n",
"server certificate for \"%s\" (and %d other names) does not match host name \"%s\"\n",
libpq_ngettext("server certificate for \"%s\" (and %d other name) does not match host name \"%s\"",
"server certificate for \"%s\" (and %d other names) does not match host name \"%s\"",
names_examined - 1),
first_name, names_examined - 1, host);
appendPQExpBufferChar(&conn->errorMessage, '\n');
}
else if (names_examined == 1)
{
appendPQExpBuffer(&conn->errorMessage,
libpq_gettext("server certificate for \"%s\" does not match host name \"%s\"\n"),
libpq_append_conn_error(conn, "server certificate for \"%s\" does not match host name \"%s\"",
first_name, host);
}
else
{
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("could not get server's host name from server certificate\n"));
libpq_append_conn_error(conn, "could not get server's host name from server certificate");
}
}