From: Michael Paquier Date: Wed, 10 Feb 2021 06:28:19 +0000 (+0900) Subject: Simplify code related to compilation of SSL and OpenSSL X-Git-Tag: REL_14_BETA1~787 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=092b785fad3de3f81355a4b2420aa39a1bc0ccd5;p=thirdparty%2Fpostgresql.git Simplify code related to compilation of SSL and OpenSSL This commit makes more generic some comments and code related to the compilation with OpenSSL and SSL in general to ease the addition of more SSL implementations in the future. In libpq, some OpenSSL-only code is moved under USE_OPENSSL and not USE_SSL. While on it, make a comment more consistent in libpq-fe.h. Author: Daniel Gustafsson Discussion: https://postgr.es/m/5382CB4A-9CF3-4145-BA46-C802615935E0@yesql.se --- diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c index 20bf1461cef..9a04c093d5f 100644 --- a/src/backend/libpq/hba.c +++ b/src/backend/libpq/hba.c @@ -1041,7 +1041,7 @@ parse_hba_line(TokenizedLine *tok_line, int elevel) ereport(elevel, (errcode(ERRCODE_CONFIG_FILE_ERROR), errmsg("hostssl record cannot match because SSL is not supported by this build"), - errhint("Compile with --with-ssl=openssl to use SSL connections."), + errhint("Compile with --with-ssl to use SSL connections."), errcontext("line %d of configuration file \"%s\"", line_num, HbaFileName))); *err_msg = "hostssl record cannot match because SSL is not supported by this build"; diff --git a/src/include/libpq/libpq-be.h b/src/include/libpq/libpq-be.h index 66a8673d939..7be1a67d692 100644 --- a/src/include/libpq/libpq-be.h +++ b/src/include/libpq/libpq-be.h @@ -194,7 +194,7 @@ typedef struct Port /* * OpenSSL structures. (Keep these last so that the locations of other - * fields are the same whether or not you build with OpenSSL.) + * fields are the same whether or not you build with SSL enabled.) */ #ifdef USE_OPENSSL SSL *ssl; diff --git a/src/include/pg_config_manual.h b/src/include/pg_config_manual.h index d27c8601fa7..2a12071badc 100644 --- a/src/include/pg_config_manual.h +++ b/src/include/pg_config_manual.h @@ -176,8 +176,7 @@ /* * USE_SSL code should be compiled only when compiling with an SSL - * implementation. (Currently, only OpenSSL is supported, but we might add - * more implementations in the future.) + * implementation. */ #ifdef USE_OPENSSL #define USE_SSL diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 00b87bdc96d..c6010718381 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -421,6 +421,13 @@ PQsslAttributeNames(PGconn *conn) return result; } +#endif /* USE_SSL */ + +/* + * Dummy versions of OpenSSL key password hook functions, when built without + * OpenSSL. + */ +#ifndef USE_OPENSSL PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook_OpenSSL(void) @@ -439,7 +446,7 @@ PQdefaultSSLKeyPassHook_OpenSSL(char *buf, int size, PGconn *conn) { return 0; } -#endif /* USE_SSL */ +#endif /* USE_OPENSSL */ /* Dummy version of GSSAPI information functions, when built without GSS support */ #ifndef ENABLE_GSS diff --git a/src/interfaces/libpq/libpq-fe.h b/src/interfaces/libpq/libpq-fe.h index c266ad5b138..effe0ccf856 100644 --- a/src/interfaces/libpq/libpq-fe.h +++ b/src/interfaces/libpq/libpq-fe.h @@ -619,7 +619,7 @@ extern int pg_valid_server_encoding_id(int encoding); /* === in fe-secure-openssl.c === */ -/* Support for overriding sslpassword handling with a callback. */ +/* Support for overriding sslpassword handling with a callback */ typedef int (*PQsslKeyPassHook_OpenSSL_type) (char *buf, int size, PGconn *conn); extern PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook_OpenSSL(void); extern void PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook);