Clean up gcc warnings. Avoid the bad habit of putting externs in .c

files rather than a header file where they belong. Pay some modicum of attention to picking global routine names that aren't likely to conflict with surrounding applications.
2002-06-15 22:06:09 +00:00 · 2002-06-15 22:06:09 +00:00 · 32fecad80a
parent c63bc32c2c
commit 32fecad80a
4 changed files with 37 additions and 69 deletions
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.186 2002/06/14 04:23:17 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.187 2002/06/15 22:06:09 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -61,13 +61,6 @@ inet_aton(const char *cp, struct in_addr * inp)
 }
 #endif

-#ifdef USE_SSL
-extern int secure_initialize(PGconn *);
-extern void secure_destroy(void);
-extern int secure_open_client(PGconn *);
-extern void secure_close(PGconn *);
-extern SSL * PQgetssl(PGconn *);
-#endif

 #define NOTIFYLIST_INITIAL_SIZE 10
 #define NOTIFYLIST_GROWBY 10
@ -968,7 +961,8 @@ retry2:
 		}
 		if (SSLok == 'S')
 		{
-			if (secure_initialize(conn) == -1 || secure_open_client(conn) == -1)
+			if (pqsecure_initialize(conn) == -1 ||
+				pqsecure_open_client(conn) == -1)
 			{
 				goto connect_errReturn;
 			}
@ -979,7 +973,7 @@ retry2:
 			/* Received error - probably protocol mismatch */
 			if (conn->Pfdebug)
 				fprintf(conn->Pfdebug, "Postmaster reports error, attempting fallback to pre-7.0.\n");
-			secure_close(conn);
+			pqsecure_close(conn);
 #ifdef WIN32
 			closesocket(conn->sock);
 #else
@ -1021,7 +1015,7 @@ retry2:
 connect_errReturn:
 	if (conn->sock >= 0)
 	{
-		secure_close(conn);
+		pqsecure_close(conn);
 #ifdef WIN32
 		closesocket(conn->sock);
 #else
@ -1896,11 +1890,9 @@ freePGconn(PGconn *conn)
 	if (!conn)
 		return;
 	pqClearAsyncResult(conn);	/* deallocate result and curTuple */
-#ifdef USE_SSL
-	secure_close(conn);
-#endif
 	if (conn->sock >= 0)
 	{
+		pqsecure_close(conn);
 #ifdef WIN32
 		closesocket(conn->sock);
 #else
@ -1974,7 +1966,7 @@ closePGconn(PGconn *conn)
 	 */
 	if (conn->sock >= 0)
 	{
-		secure_close(conn);
+		pqsecure_close(conn);
 #ifdef WIN32
 		closesocket(conn->sock);
 #else
--- a/src/interfaces/libpq/fe-misc.c
+++ b/src/interfaces/libpq/fe-misc.c
@ -25,7 +25,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.74 2002/06/15 20:01:31 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.75 2002/06/15 22:06:09 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -55,10 +55,6 @@
 #include "mb/pg_wchar.h"
 #endif

-extern void secure_close(PGconn *);
-extern ssize_t secure_read(PGconn *, void *, size_t);
-extern ssize_t secure_write(PGconn *, const void *, size_t);
-
 #define DONOTICE(conn,message) \
 	((*(conn)->noticeHook) ((conn)->noticeArg, (message)))

@ -490,8 +486,8 @@ pqReadData(PGconn *conn)

 	/* OK, try to read some data */
 retry3:
-	nread = secure_read(conn, conn->inBuffer + conn->inEnd,
-						conn->inBufSize - conn->inEnd);
+	nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd,
+						 conn->inBufSize - conn->inEnd);
 	if (nread < 0)
 	{
 		if (SOCK_ERRNO == EINTR)
@ -570,8 +566,8 @@ retry3:
 	 * arrived.
 	 */
 retry4:
-	nread = secure_read(conn, conn->inBuffer + conn->inEnd,
-						conn->inBufSize - conn->inEnd);
+	nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd,
+						  conn->inBufSize - conn->inEnd);
 	if (nread < 0)
 	{
 		if (SOCK_ERRNO == EINTR)
@ -612,7 +608,7 @@ definitelyFailed:
 			   "\tThis probably means the server terminated abnormally\n"
 						 "\tbefore or while processing the request.\n"));
 	conn->status = CONNECTION_BAD;		/* No more connection to backend */
-	secure_close(conn);
+	pqsecure_close(conn);
 #ifdef WIN32
 	closesocket(conn->sock);
 #else
@ -654,7 +650,7 @@ pqSendSome(PGconn *conn)
 	{
 		int			sent;

-		sent = secure_write(conn, ptr, len);
+		sent = pqsecure_write(conn, ptr, len);

 		if (sent < 0)
 		{
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@ -1,6 +1,6 @@
 /*-------------------------------------------------------------------------
 *
- * fe-connect.c
+ * fe-secure.c
 *	  functions related to setting up a secure connection to the backend.
 *	  Secure connections are expected to provide confidentiality,
 *	  message integrity and endpoint authentication.
@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.4 2002/06/14 04:38:04 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.5 2002/06/15 22:06:09 tgl Exp $
 *	  
 * NOTES
 *	  The client *requires* a valid server certificate.  Since
@ -26,7 +26,7 @@
 *	  to sign the server certificate, should be present in the
 *	  "$HOME/.postgresql/root.crt" file.  If this file isn't
 *	  readable, or the server certificate can't be validated, 
- *	  secure_open_client() will return an error code.
+ *	  pqsecure_open_client() will return an error code.
 *
 *	  Additionally, the server certificate's "common name" must
 *	  resolve to the other end of the socket.  This makes it
@ -38,7 +38,7 @@
 *	  Unfortunately neither the current front- or back-end handle
 *	  failure gracefully, resulting in the backend hiccupping.
 *	  This points out problems in each (the frontend shouldn't even
- *	  try to do SSL if secure_initialize() fails, and the backend
+ *	  try to do SSL if pqsecure_initialize() fails, and the backend
 *	  shouldn't crash/recover if an SSH negotiation fails.  The 
 *	  backend definitely needs to be fixed, to prevent a "denial
 *	  of service" attack, but I don't know enough about how the 
@ -76,30 +76,6 @@
 *	  The code currently assumes a POSIX password entry.  How should
 *	  Windows and Mac users be handled?
 *
- * PATCH LEVEL
- *	  milestone 1: fix basic coding errors
- *	  [*] existing SSL code pulled out of existing files.
- *	  [*] SSL_get_error() after SSL_read() and SSL_write(),
- *	      SSL_shutdown(), default to TLSv1.
- *	
- *	  milestone 2: provide endpoint authentication (server)
- *	  [*] client verifies server cert
- *	  [*] client verifies server hostname
- *
- *	  milestone 3: improve confidentially, support perfect forward secrecy
- *	  [ ] use 'random' file, read from '/dev/urandom?'
- *	  [*] emphermal DH keys, default values
- *
- *	  milestone 4: provide endpoint authentication (client)
- *	  [*] server verifies client certificates
- *
- *	  milestone 5: provide informational callbacks
- *	  [*] provide informational callbacks
- *
- *	  other changes
- *	  [ ] tcp-wrappers
- *	  [ ] more informative psql
- *
 *-------------------------------------------------------------------------
 */

@ -142,12 +118,6 @@
 #include <openssl/e_os.h>
 #endif /* USE_SSL */

-int secure_initialize(PGconn *);
-void secure_destroy(void);
-int secure_open_client(PGconn *);
-void secure_close(PGconn *);
-ssize_t secure_read(PGconn *, void *ptr, size_t len);
-ssize_t secure_write(PGconn *, const void *ptr, size_t len);

 #ifdef USE_SSL
 static int verify_cb(int ok, X509_STORE_CTX *ctx);
@ -228,7 +198,7 @@ KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=\n\
 *	Initialize global context
 */
 int
-secure_initialize (PGconn *conn)
+pqsecure_initialize (PGconn *conn)
 {
 	int r = 0;

@ -243,7 +213,7 @@ secure_initialize (PGconn *conn)
 *	Destroy global context
 */
 void
-secure_destroy (void)
+pqsecure_destroy (void)
 {
 #ifdef USE_SSL
 	destroy_SSL();
@ -254,7 +224,7 @@ secure_destroy (void)
 *	Attempt to negotiate secure session.
 */
 int 
-secure_open_client (PGconn *conn)
+pqsecure_open_client (PGconn *conn)
 {
 	int r = 0;

@ -269,7 +239,7 @@ secure_open_client (PGconn *conn)
 *	Close secure session.
 */
 void
-secure_close (PGconn *conn)
+pqsecure_close (PGconn *conn)
 {
 #ifdef USE_SSL
 	if (conn->ssl)
@ -281,7 +251,7 @@ secure_close (PGconn *conn)
 *	Read data from a secure connection.
 */
 ssize_t
-secure_read (PGconn *conn, void *ptr, size_t len)
+pqsecure_read (PGconn *conn, void *ptr, size_t len)
 {
 	ssize_t n;

@ -306,7 +276,7 @@ secure_read (PGconn *conn, void *ptr, size_t len)
 				libpq_gettext("SSL error: %s\n"), SSLerrmessage());
 			/* fall through */
 		case SSL_ERROR_ZERO_RETURN:
-			secure_close(conn);
+			pqsecure_close(conn);
 			SOCK_ERRNO = ECONNRESET;
 			n = -1;
 			break;
@ -323,7 +293,7 @@ secure_read (PGconn *conn, void *ptr, size_t len)
 *	Write data to a secure connection.
 */
 ssize_t
-secure_write (PGconn *conn, const void *ptr, size_t len)
+pqsecure_write (PGconn *conn, const void *ptr, size_t len)
 {
 	ssize_t n;

@ -352,7 +322,7 @@ secure_write (PGconn *conn, const void *ptr, size_t len)
 				libpq_gettext("SSL error: %s\n"), SSLerrmessage());
 			/* fall through */
 		case SSL_ERROR_ZERO_RETURN:
-			secure_close(conn);
+			pqsecure_close(conn);
 			SOCK_ERRNO = ECONNRESET;
 			n = -1;
 			break;
@ -925,4 +895,5 @@ PQgetssl(PGconn *conn)
 		return NULL;
 	return conn->ssl;
 }
+
 #endif /* USE_SSL */
--- a/src/interfaces/libpq/libpq-int.h
+++ b/src/interfaces/libpq/libpq-int.h
@ -12,7 +12,7 @@
 * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $Id: libpq-int.h,v 1.49 2002/06/14 04:23:17 momjian Exp $
+ * $Id: libpq-int.h,v 1.50 2002/06/15 22:06:09 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -331,6 +331,15 @@ extern int	pqWait(int forRead, int forWrite, PGconn *conn);
 extern int	pqReadReady(PGconn *conn);
 extern int	pqWriteReady(PGconn *conn);

+/* === in fe-secure.c === */
+
+extern int pqsecure_initialize(PGconn *);
+extern void pqsecure_destroy(void);
+extern int pqsecure_open_client(PGconn *);
+extern void pqsecure_close(PGconn *);
+extern ssize_t pqsecure_read(PGconn *, void *ptr, size_t len);
+extern ssize_t pqsecure_write(PGconn *, const void *ptr, size_t len);
+
 /* bits in a byte */
 #define BYTELEN 8