Lots of patches coming in from me today :-)

When drawing up a very simple "text-drawing" of how the negotiation is done,
I realised I had done this last part (fallback) in a very stupid way. Patch
#4 fixes this, and does it in a much better way.

Included is also the simple text-drawing of how the negotiation is done.

//Magnus

3 files changed, 27 insertions, 7 deletions

diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h
index b4e03c08e07..d1dc7ec121f 100644
--- a/src/include/libpq/hba.h
+++ b/src/include/libpq/hba.h
@@ -4,7 +4,7 @@
  *	  Interface to hba.c
  *
  *
- * $Id: hba.h,v 1.14 1999/07/14 01:20:17 momjian Exp $
+ * $Id: hba.h,v 1.15 1999/09/27 03:13:10 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -49,8 +49,9 @@ typedef enum UserAuth
 	uaCrypt
 } UserAuth;
 
-int hba_getauthmethod(SockAddr *raddr, char *user, char *database,
-				  char *auth_arg, UserAuth *auth_method);
+typedef struct Port hbaPort;
+
+int hba_getauthmethod(hbaPort *port);
 int authident(struct sockaddr_in * raddr, struct sockaddr_in * laddr,
 		  const char *postgres_username, const char *auth_arg);
 
diff --git a/src/include/libpq/libpq-be.h b/src/include/libpq/libpq-be.h
index 9b38673d41e..1d99bc31b2d 100644
--- a/src/include/libpq/libpq-be.h
+++ b/src/include/libpq/libpq-be.h
@@ -7,7 +7,7 @@
  *
  * Copyright (c) 1994, Regents of the University of California
  *
- * $Id: libpq-be.h,v 1.16 1999/07/17 20:18:28 momjian Exp $
+ * $Id: libpq-be.h,v 1.17 1999/09/27 03:13:11 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -18,6 +18,11 @@
 
 #include "libpq/hba.h"
 
+#ifdef USE_SSL
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#endif
+
 
 /* Protocol v0 password packet. */
 
@@ -126,6 +131,13 @@ typedef struct Port
 	char		tty[SM_TTY + 1];
 	char		auth_arg[MAX_AUTH_ARG];
 	UserAuth	auth_method;
+
+        /*
+	 * SSL structures 
+	 */
+#ifdef USE_SSL
+        SSL             *ssl;
+#endif
 } Port;
 
 
@@ -136,9 +148,9 @@ extern ProtocolVersion FrontendProtocol;
  * prototypes for functions in pqpacket.c
  */
 void		PacketReceiveSetup(Packet *pkt, PacketDoneProc iodone, void *arg);
-int			PacketReceiveFragment(Packet *pkt, int sock);
+int			PacketReceiveFragment(Port *port);
 void		PacketSendSetup(Packet *pkt, int nbytes, PacketDoneProc iodone, void *arg);
-int			PacketSendFragment(Packet *pkt, int sock);
+int			PacketSendFragment(Port *port);
 void		PacketSendError(Packet *pkt, char *errormsg);
 
 #endif	 /* LIBPQ_BE_H */
diff --git a/src/include/libpq/pqcomm.h b/src/include/libpq/pqcomm.h
index 181428265ac..2ee74e92120 100644
--- a/src/include/libpq/pqcomm.h
+++ b/src/include/libpq/pqcomm.h
@@ -8,7 +8,7 @@
  *
  * Copyright (c) 1994, Regents of the University of California
  *
- * $Id: pqcomm.h,v 1.39 1999/08/31 04:26:33 tgl Exp $
+ * $Id: pqcomm.h,v 1.40 1999/09/27 03:13:11 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -152,4 +152,11 @@ typedef struct CancelRequestPacket
 	uint32		cancelAuthCode; /* secret key to authorize cancel */
 } CancelRequestPacket;
 
+
+/*
+ * A client can also start by sending a SSL negotiation request, to get a
+ * secure channel.
+ */
+#define NEGOTIATE_SSL_CODE PG_PROTOCOL(1234,5679)
+
 #endif	 /* PQCOMM_H */