| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | "G(dot) Anthony Reina" <gar8+(at)pitt(dot)edu> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Does libpq have SSL functions? |
| Date: | 2003-04-15 22:04:17 |
| Message-ID: | 200304152204.h3FM4HD12837@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Your Pgconn already is SSL encrypted.
---------------------------------------------------------------------------
G. Anthony Reina wrote:
> Thanks for the reply Bruce.
>
> Yes, I'm aware of the pg_hba.conf setting to require SSL connections,
> however I was specifically asking if the C library for PostgreSQL had SSL
> functions built in to relieve me of actually having to write the code for
> the connections.
>
> That is, do I specifically have to negotiate the SSL connections in my
> program (i.e. ssl = SSL_new(ctx); if (SSL_connect(ssl)<=0) ...). Or, will
> the "conn = PQsetdb(pghost, pgport, pgoptions, pgtty, dbName); " already
> setup conn as an SSL connection for me if I specify requiressl?
>
> I think it is probably the former, but I'd hate to be reinventing the wheel
> and encrypting an already encrypted connection.
>
> Thanks.
> -Tony
>
>
>
> --On Tuesday, April 15, 2003 5:19 PM -0400 Bruce Momjian
> <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:r
>
> >
> > Yes. Take a look at pg_hba.conf's hostssl option. That will force SSL
> > for certain hosts. You can also use 'requiressl' in your libpq
> > connection string.
> >
> > -------------------------------------------------------------------------
> > --
> >
> > Tony Reina wrote:
> >> I'd like to build some SSL functionality into my C functions that
> >> access the PostgreSQL database. My C functions are calling the
> >> routines from libpq. By chance, are there any SSL functions inherent
> >> to libpq for establishing a secure connection to the postmaster?
> >>
> >> I mention this because I noticed in the source code for psql, the c
> >> file startup.c has the following line:
> >>
> >> ssl = PQgetssl(pset.db);
> >>
> >> I didn't seem to find any other SSL references in the /src/bin/psql
> >> directory using grep, but I know that psql can be built with SSL
> >> support so I was hoping to use the code for that as a template.
> >>
> >> Thanks.
> >> -Tony
>
>
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron Mayer | 2003-04-15 22:07:07 | Re: Are we losing momentum? |
| Previous Message | ow | 2003-04-15 21:58:24 | Re: Are we losing momentum? |