Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit e453cc2

Browse files
committed
Make Port->ssl_in_use available, even when built with !USE_SSL
Code that check the flag no longer need #ifdef's, which is more convenient. In particular, makes it easier to write extensions that depend on it. In the passing, modify sslinfo's ssl_is_used function to check ssl_in_use instead of the OpenSSL specific 'ssl' pointer. It doesn't make any difference currently, as sslinfo is only compiled when built with OpenSSL, but seems cleaner anyway.
1 parent f5d9698 commit e453cc2

File tree

3 files changed

+8
-14
lines changed

3 files changed

+8
-14
lines changed

contrib/sslinfo/sslinfo.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ PG_FUNCTION_INFO_V1(ssl_is_used);
3535
Datum
3636
ssl_is_used(PG_FUNCTION_ARGS)
3737
{
38-
PG_RETURN_BOOL(MyProcPort->ssl != NULL);
38+
PG_RETURN_BOOL(MyProcPort->ssl_in_use);
3939
}
4040

4141

src/backend/libpq/hba.c

+1-9
Original file line numberDiff line numberDiff line change
@@ -925,15 +925,13 @@ parse_hba_line(List *line, int line_num, char *raw_line)
925925
return NULL;
926926
#endif
927927
}
928-
#ifdef USE_SSL
929928
else if (token->string[4] == 'n') /* "hostnossl" */
930929
{
931930
parsedline->conntype = ctHostNoSSL;
932931
}
933-
#endif
934932
else
935933
{
936-
/* "host", or "hostnossl" and SSL support not built in */
934+
/* "host" */
937935
parsedline->conntype = ctHost;
938936
}
939937
} /* record type */
@@ -1684,7 +1682,6 @@ check_hba(hbaPort *port)
16841682
continue;
16851683

16861684
/* Check SSL state */
1687-
#ifdef USE_SSL
16881685
if (port->ssl_in_use)
16891686
{
16901687
/* Connection is SSL, match both "host" and "hostssl" */
@@ -1697,11 +1694,6 @@ check_hba(hbaPort *port)
16971694
if (hba->conntype == ctHostSSL)
16981695
continue;
16991696
}
1700-
#else
1701-
/* No SSL support, so reject "hostssl" lines */
1702-
if (hba->conntype == ctHostSSL)
1703-
continue;
1704-
#endif
17051697

17061698
/* Check IP address */
17071699
switch (hba->ip_cmp_method)

src/include/libpq/libpq-be.h

+6-4
Original file line numberDiff line numberDiff line change
@@ -184,14 +184,16 @@ typedef struct Port
184184
#endif
185185

186186
/*
187-
* SSL structures (keep these last so that the locations of other fields
188-
* are the same whether or not you build with SSL)
187+
* SSL structures.
189188
*/
190-
#ifdef USE_SSL
191189
bool ssl_in_use;
192190
char *peer_cn;
193191
bool peer_cert_valid;
194-
#endif
192+
193+
/*
194+
* OpenSSL structures. (Keep these last so that the locations of other
195+
* fields are the same whether or not you build with OpenSSL.)
196+
*/
195197
#ifdef USE_OPENSSL
196198
SSL *ssl;
197199
X509 *peer;

0 commit comments

Comments
 (0)