diff options
author | Tom Lane <tgl@sss.pgh.pa.us> | 2022-09-30 10:26:47 -0400 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2022-09-30 10:26:47 -0400 |
commit | 4e4f7b9fcc9ad0b023b6e698e978882d022b94c4 (patch) | |
tree | 95634bd5f8f74221e1780d1a507692bc4d1765a4 /src | |
parent | 69298db8e1a5a7afcfeea32daf71e713a109ef93 (diff) | |
download | postgresql-4e4f7b9fcc9ad0b023b6e698e978882d022b94c4.tar.gz |
Adjust PQsslAttributeNames() to match PQsslAttribute().
Currently, PQsslAttributeNames() returns the same list of attribute
names regardless of its conn parameter. This patch changes it to
have behavior parallel to what 80a05679d installed for PQsslAttribute:
you get OpenSSL's attributes if conn is NULL or is an SSL-encrypted
connection, or an empty list if conn is a non-encrypted connection.
The point of this is to have sensible connection-dependent behavior
in case we ever support multiple SSL libraries. The behavior for
NULL can be defined as "the attributes for the default SSL library",
parallel to what PQsslAttribute(NULL, "library") does.
Since this is mostly just future-proofing, no back-patch.
Discussion: https://postgr.es/m/17625-fc47c78b7d71b534@postgresql.org
Diffstat (limited to 'src')
-rw-r--r-- | src/interfaces/libpq/fe-secure-openssl.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index 74b5c5987a..b42a908733 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -1730,7 +1730,7 @@ PQsslStruct(PGconn *conn, const char *struct_name) const char *const * PQsslAttributeNames(PGconn *conn) { - static const char *const result[] = { + static const char *const openssl_attrs[] = { "library", "key_bits", "cipher", @@ -1738,8 +1738,19 @@ PQsslAttributeNames(PGconn *conn) "protocol", NULL }; + static const char *const empty_attrs[] = {NULL}; - return result; + if (!conn) + { + /* Return attributes of default SSL library */ + return openssl_attrs; + } + + /* No attrs for unencrypted connection */ + if (conn->ssl == NULL) + return empty_attrs; + + return openssl_attrs; } const char * |