Rename PQsetSSLKeyPassHook and friends
4dc6355210
provided a way for libraries and clients to modify how libpq
handles client certificate passphrases, by installing a hook. However,
these routines are quite specific to how OpenSSL works, so it's
misleading and not future-proof to have these names not refer to OpenSSL.
Change all the names to add "_OpenSSL" after "Hook", and fix the docs
accordingly.
Author: Daniel Gustafsson
Discussion: https://postgr.es/m/981DE552-E399-45C2-9F60-3F0E3770CC61@yesql.se
parent
1cbc143f06
commit
36d1087611
|
@ -777,16 +777,16 @@ PGPing PQping(const char *conninfo);
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry id="libpq-pqsetsslkeypasshook">
|
<varlistentry id="libpq-pqsetsslkeypasshook">
|
||||||
<term><function>PQsetSSLKeyPassHook</function><indexterm><primary>PQsetSSLKeyPassHook</primary></indexterm></term>
|
<term><function>PQsetSSLKeyPassHook_OpenSSL</function><indexterm><primary>PQsetSSLKeyPassHook_OpenSSL</primary></indexterm></term>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
<function>PQsetSSLKeyPassHook</function> lets an application override
|
<function>PQsetSSLKeyPassHook_OpenSSL</function> lets an application override
|
||||||
<literal>libpq</literal>'s <link linkend="libpq-ssl-clientcert">default
|
<literal>libpq</literal>'s <link linkend="libpq-ssl-clientcert">default
|
||||||
handling of encrypted client certificate key files</link> using
|
handling of encrypted client certificate key files</link> using
|
||||||
<xref linkend="libpq-connect-sslpassword"/> or interactive prompting.
|
<xref linkend="libpq-connect-sslpassword"/> or interactive prompting.
|
||||||
|
|
||||||
<synopsis>
|
<synopsis>
|
||||||
void PQsetSSLKeyPassHook(PQsslKeyPassHook_type hook);
|
void PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook);
|
||||||
</synopsis>
|
</synopsis>
|
||||||
|
|
||||||
The application passes a pointer to a callback function with signature:
|
The application passes a pointer to a callback function with signature:
|
||||||
|
@ -794,13 +794,13 @@ void PQsetSSLKeyPassHook(PQsslKeyPassHook_type hook);
|
||||||
int callback_fn(char *buf, int size, PGconn *conn);
|
int callback_fn(char *buf, int size, PGconn *conn);
|
||||||
</programlisting>
|
</programlisting>
|
||||||
which <literal>libpq</literal> will then call <emphasis>instead of</emphasis>
|
which <literal>libpq</literal> will then call <emphasis>instead of</emphasis>
|
||||||
its default <function>PQdefaultSSLKeyPassHook</function> handler. The callback
|
its default <function>PQdefaultSSLKeyPassHook_OpenSSL</function> handler. The callback
|
||||||
should determine the password for the key and copy it to result-buffer
|
should determine the password for the key and copy it to result-buffer
|
||||||
<literal>buf</literal> of size <literal>size</literal>. The string in <literal>
|
<literal>buf</literal> of size <literal>size</literal>. The string in <literal>
|
||||||
buf</literal> must be null-terminated. The callback must return the length of
|
buf</literal> must be null-terminated. The callback must return the length of
|
||||||
the password stored in <literal>buf</literal> excluding the null terminator.
|
the password stored in <literal>buf</literal> excluding the null terminator.
|
||||||
On failure, the callback should set <literal>buf[0] = '\0'</literal> and return 0.
|
On failure, the callback should set <literal>buf[0] = '\0'</literal> and return 0.
|
||||||
See <function>PQdefaultSSLKeyPassHook</function> in <literal>libpq</literal>'s
|
See <function>PQdefaultSSLKeyPassHook_OpenSSL</function> in <literal>libpq</literal>'s
|
||||||
source code for an example.
|
source code for an example.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
@ -814,7 +814,7 @@ int callback_fn(char *buf, int size, PGconn *conn);
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The app callback may choose to delegate unhandled cases to
|
The app callback may choose to delegate unhandled cases to
|
||||||
<function>PQdefaultSSLKeyPassHook</function>,
|
<function>PQdefaultSSLKeyPassHook_OpenSSL</function>,
|
||||||
or call it first and try something else if it returns 0, or completely override it.
|
or call it first and try something else if it returns 0, or completely override it.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
@ -835,7 +835,7 @@ int callback_fn(char *buf, int size, PGconn *conn);
|
||||||
if none has been set.
|
if none has been set.
|
||||||
|
|
||||||
<synopsis>
|
<synopsis>
|
||||||
PQsslKeyPassHook_type PQgetSSLKeyPassHook(void);
|
PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook(void);
|
||||||
</synopsis>
|
</synopsis>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
|
|
@ -95,7 +95,7 @@ static long win32_ssl_create_mutex = 0;
|
||||||
#endif
|
#endif
|
||||||
#endif /* ENABLE_THREAD_SAFETY */
|
#endif /* ENABLE_THREAD_SAFETY */
|
||||||
|
|
||||||
static PQsslKeyPassHook_type PQsslKeyPassHook = NULL;
|
static PQsslKeyPassHook_OpenSSL_type PQsslKeyPassHook = NULL;
|
||||||
static int ssl_protocol_version_to_openssl(const char *protocol);
|
static int ssl_protocol_version_to_openssl(const char *protocol);
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
@ -1669,7 +1669,7 @@ err:
|
||||||
* prevent openssl from ever prompting on stdin.
|
* prevent openssl from ever prompting on stdin.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
PQdefaultSSLKeyPassHook(char *buf, int size, PGconn *conn)
|
PQdefaultSSLKeyPassHook_OpenSSL(char *buf, int size, PGconn *conn)
|
||||||
{
|
{
|
||||||
if (conn->sslpassword)
|
if (conn->sslpassword)
|
||||||
{
|
{
|
||||||
|
@ -1686,14 +1686,14 @@ PQdefaultSSLKeyPassHook(char *buf, int size, PGconn *conn)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
PQsslKeyPassHook_type
|
PQsslKeyPassHook_OpenSSL_type
|
||||||
PQgetSSLKeyPassHook(void)
|
PQgetSSLKeyPassHook(void)
|
||||||
{
|
{
|
||||||
return PQsslKeyPassHook;
|
return PQsslKeyPassHook;
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
PQsetSSLKeyPassHook(PQsslKeyPassHook_type hook)
|
PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook)
|
||||||
{
|
{
|
||||||
PQsslKeyPassHook = hook;
|
PQsslKeyPassHook = hook;
|
||||||
}
|
}
|
||||||
|
@ -1711,7 +1711,7 @@ PQssl_passwd_cb(char *buf, int size, int rwflag, void *userdata)
|
||||||
if (PQsslKeyPassHook)
|
if (PQsslKeyPassHook)
|
||||||
return PQsslKeyPassHook(buf, size, conn);
|
return PQsslKeyPassHook(buf, size, conn);
|
||||||
else
|
else
|
||||||
return PQdefaultSSLKeyPassHook(buf, size, conn);
|
return PQdefaultSSLKeyPassHook_OpenSSL(buf, size, conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
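Review bot: The getter is left out of the rename in this file: `PQgetSSLKeyPassHook(void)` keeps its old name here, while the stub in the non-OpenSSL file section that follows becomes `PQgetSSLKeyPassHook_OpenSSL(void)` and the header still declares `extern PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook(void);`. As shown, a build without OpenSSL would define a getter that has no prototype and leave the declared one undefined, so a caller of the getter would fail to link there. Renaming it consistently to `PQgetSSLKeyPassHook_OpenSSL(void)` in this definition, in the header declaration and in the documentation synopsis would match the commit message's intent to rename all of these routines. Whether the library's exported-symbol list needs the same change cannot be seen on this page.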
|
@ -431,20 +431,20 @@ PQsslAttributeNames(PGconn *conn)
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
PQsslKeyPassHook_type
|
PQsslKeyPassHook_OpenSSL_type
|
||||||
PQgetSSLKeyPassHook(void)
|
PQgetSSLKeyPassHook_OpenSSL(void)
|
||||||
{
|
{
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
PQsetSSLKeyPassHook(PQsslKeyPassHook_type hook)
|
PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook)
|
||||||
{
|
{
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
PQdefaultSSLKeyPassHook(char *buf, int size, PGconn *conn)
|
PQdefaultSSLKeyPassHook_OpenSSL(char *buf, int size, PGconn *conn)
|
||||||
{
|
{
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -617,13 +617,13 @@ extern int pg_char_to_encoding(const char *name);
|
||||||
extern const char *pg_encoding_to_char(int encoding);
|
extern const char *pg_encoding_to_char(int encoding);
|
||||||
extern int pg_valid_server_encoding_id(int encoding);
|
extern int pg_valid_server_encoding_id(int encoding);
|
||||||
|
|
||||||
/* == in fe-secure-openssl.c === */
|
/* === in fe-secure-openssl.c === */
|
||||||
|
|
||||||
/* Support for overriding sslpassword handling with a callback. */
|
/* Support for overriding sslpassword handling with a callback. */
|
||||||
typedef int (*PQsslKeyPassHook_type) (char *buf, int size, PGconn *conn);
|
typedef int (*PQsslKeyPassHook_OpenSSL_type) (char *buf, int size, PGconn *conn);
|
||||||
extern PQsslKeyPassHook_type PQgetSSLKeyPassHook(void);
|
extern PQsslKeyPassHook_OpenSSL_type PQgetSSLKeyPassHook(void);
|
||||||
extern void PQsetSSLKeyPassHook(PQsslKeyPassHook_type hook);
|
extern void PQsetSSLKeyPassHook_OpenSSL(PQsslKeyPassHook_OpenSSL_type hook);
|
||||||
extern int PQdefaultSSLKeyPassHook(char *buf, int size, PGconn *conn);
|
extern int PQdefaultSSLKeyPassHook_OpenSSL(char *buf, int size, PGconn *conn);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
|
|
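Review bot: The one-line comment above the `PQsslKeyPassHook_OpenSSL_type` typedef does not state the buffer contract the callback must honour, even though the hook writes a key passphrase into a caller-owned buffer. The documentation hunk in this commit spells it out (NUL-terminated string in `buf` of size `size`, return the length excluding the terminator, on failure set `buf[0] = '\0'` and return 0), and repeating it at the declaration would help hook authors avoid overrunning `buf`. Suggested comment: `/* The hook must write a NUL-terminated passphrase of at most size-1 bytes into buf and return its length, or set buf[0] = '\0' and return 0 on failure. */`. The surrounding header continues outside the hunk.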