From 2764d5dcfa84d240c901c20ec6e194f72d82b78a Mon Sep 17 00:00:00 2001
From: Peter Eisentraut
Date: Mon, 2 Apr 2018 11:34:52 -0400
Subject: Make be-secure-common.c more consistent for future SSL
 implementations

Recent commit 8a3d9425 has introduced be-secure-common.c, which is aimed
at including backend-side APIs that can be used by any SSL
implementation.  The purpose is similar to fe-secure-common.c for the
frontend-side APIs.

However, this has forgotten to include check_ssl_key_file_permissions()
in the move, which causes a double dependency between be-secure.c and
be-secure-openssl.c.

Refactor the code in a more logical way.  This also puts into light an
API which is usable by future SSL implementations for permissions on SSL
key files.

Author: Michael Paquier <michael@paquier.xyz>
---
 src/include/libpq/libpq.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/include')

diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h
index 997947b0917..a74ad521b5a 100644
--- a/src/include/libpq/libpq.h
+++ b/src/include/libpq/libpq.h
@@ -92,7 +92,6 @@ extern ssize_t secure_read(Port *port, void *ptr, size_t len);
 extern ssize_t secure_write(Port *port, void *ptr, size_t len);
 extern ssize_t secure_raw_read(Port *port, void *ptr, size_t len);
 extern ssize_t secure_raw_write(Port *port, const void *ptr, size_t len);
-extern bool check_ssl_key_file_permissions(const char *ssl_key_file, bool isServerStart);
 
 extern bool ssl_loaded_verify_locations;
 
@@ -108,5 +107,7 @@ extern bool SSLPreferServerCiphers;
  */
 extern int run_ssl_passphrase_command(const char *prompt, bool is_server_start,
 									  char *buf, int size);
+extern bool check_ssl_key_file_permissions(const char *ssl_key_file,
+										   bool isServerStart);
 
 #endif							/* LIBPQ_H */
-- 
cgit v1.2.3