Make Port->ssl_in_use available, even when built with !USE_SSL

Code that check the flag no longer need #ifdef's, which is more convenient.
In particular, makes it easier to write extensions that depend on it.

In the passing, modify sslinfo's ssl_is_used function to check ssl_in_use
instead of the OpenSSL specific 'ssl' pointer. It doesn't make any
difference currently, as sslinfo is only compiled when built with OpenSSL,
but seems cleaner anyway.

1 files changed, 1 insertions, 9 deletions

diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 84da823ffab..800dcd99808 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -925,15 +925,13 @@ parse_hba_line(List *line, int line_num, char *raw_line)
 			return NULL;
 #endif
 		}
-#ifdef USE_SSL
 		else if (token->string[4] == 'n')		/* "hostnossl" */
 		{
 			parsedline->conntype = ctHostNoSSL;
 		}
-#endif
 		else
 		{
-			/* "host", or "hostnossl" and SSL support not built in */
+			/* "host" */
 			parsedline->conntype = ctHost;
 		}
 	}							/* record type */
@@ -1684,7 +1682,6 @@ check_hba(hbaPort *port)
 				continue;
 
 			/* Check SSL state */
-#ifdef USE_SSL
 			if (port->ssl_in_use)
 			{
 				/* Connection is SSL, match both "host" and "hostssl" */
@@ -1697,11 +1694,6 @@ check_hba(hbaPort *port)
 				if (hba->conntype == ctHostSSL)
 					continue;
 			}
-#else
-			/* No SSL support, so reject "hostssl" lines */
-			if (hba->conntype == ctHostSSL)
-				continue;
-#endif
 
 			/* Check IP address */
 			switch (hba->ip_cmp_method)