diff options
| author | Heikki Linnakangas | 2014-11-25 07:39:31 +0000 |
|---|---|---|
| committer | Heikki Linnakangas | 2014-11-25 07:46:11 +0000 |
| commit | e453cc2741416dc784842b2bba68749556cf0f6f (patch) | |
| tree | 7854350915ddb4668cc2eaa559d41c3ee1925870 /src | |
| parent | f5d9698a8400972bd604069a3f15ca33e535ea6e (diff) | |
Make Port->ssl_in_use available, even when built with !USE_SSL
Code that check the flag no longer need #ifdef's, which is more convenient.
In particular, makes it easier to write extensions that depend on it.
In the passing, modify sslinfo's ssl_is_used function to check ssl_in_use
instead of the OpenSSL specific 'ssl' pointer. It doesn't make any
difference currently, as sslinfo is only compiled when built with OpenSSL,
but seems cleaner anyway.
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/libpq/hba.c | 10 | ||||
| -rw-r--r-- | src/include/libpq/libpq-be.h | 10 |
2 files changed, 7 insertions, 13 deletions
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c index 84da823ffab..800dcd99808 100644 --- a/src/backend/libpq/hba.c +++ b/src/backend/libpq/hba.c @@ -925,15 +925,13 @@ parse_hba_line(List *line, int line_num, char *raw_line) return NULL; #endif } -#ifdef USE_SSL else if (token->string[4] == 'n') /* "hostnossl" */ { parsedline->conntype = ctHostNoSSL; } -#endif else { - /* "host", or "hostnossl" and SSL support not built in */ + /* "host" */ parsedline->conntype = ctHost; } } /* record type */ @@ -1684,7 +1682,6 @@ check_hba(hbaPort *port) continue; /* Check SSL state */ -#ifdef USE_SSL if (port->ssl_in_use) { /* Connection is SSL, match both "host" and "hostssl" */ @@ -1697,11 +1694,6 @@ check_hba(hbaPort *port) if (hba->conntype == ctHostSSL) continue; } -#else - /* No SSL support, so reject "hostssl" lines */ - if (hba->conntype == ctHostSSL) - continue; -#endif /* Check IP address */ switch (hba->ip_cmp_method) diff --git a/src/include/libpq/libpq-be.h b/src/include/libpq/libpq-be.h index 34e52e44b0c..e81f077f98f 100644 --- a/src/include/libpq/libpq-be.h +++ b/src/include/libpq/libpq-be.h @@ -184,14 +184,16 @@ typedef struct Port #endif /* - * SSL structures (keep these last so that the locations of other fields - * are the same whether or not you build with SSL) + * SSL structures. */ -#ifdef USE_SSL bool ssl_in_use; char *peer_cn; bool peer_cert_valid; -#endif + + /* + * OpenSSL structures. (Keep these last so that the locations of other + * fields are the same whether or not you build with OpenSSL.) + */ #ifdef USE_OPENSSL SSL *ssl; X509 *peer; |