Diffstat (limited to 'src/interfaces/libpq/fe-secure-openssl.c')
-rw-r--r-- | src/interfaces/libpq/fe-secure-openssl.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index 2f29820e820..61d161b367a 100644
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -393,6 +393,33 @@ pgtls_write(PGconn *conn, const void *ptr, size_t len)
 return n;
 }
+/*
+ * Get the TLS finish message sent during last handshake
+ *
+ * This information is useful for callers doing channel binding during
+ * authentication.
+ */
+char *
+pgtls_get_finished(PGconn *conn, size_t *len)
+{
+ char dummy[1];
+ char *result;
+
+ /*
+ * OpenSSL does not offer an API to get directly the length of the TLS
+ * Finished message sent, so first do a dummy call to grab this
+ * information and then do an allocation with the correct size.
+ */
+ *len = SSL_get_finished(conn->ssl, dummy, sizeof(dummy));
+ result = malloc(*len);
+ if (result == NULL)
+ return NULL;
+ (void) SSL_get_finished(conn->ssl, result, *len);
+
+ return result;
+}
+
+
 /* ------------------------------------------------------------ */
 /* OpenSSL specific code */
 /* ------------------------------------------------------------ */ |
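Review bot: In `pgtls_get_finished`, a zero return from the first `SSL_get_finished` call is not handled, so `malloc(*len)` becomes `malloc(0)` and the caller may get either NULL (indistinguishable from out-of-memory) or a non-NULL buffer with `*len == 0`, which would let empty channel-binding data flow into authentication. I would add `if (*len == 0) return NULL;` before the allocation and compare the second call's return value with `*len` instead of discarding it with `(void)`. `conn->ssl` is also dereferenced without a NULL check; presumably callers only reach this on an established TLS connection, but that is not visible in this hunk and belongs in the header comment, together with the fact that the caller owns the returned buffer and must `free()` it. The comment should also note that `SSL_get_finished` returns the Finished message sent by this side, which is the first Finished of the handshake only for a full (non-resumed) handshake, so if this feeds a tls-unique style binding that assumption needs to be stated.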