SSL and USER_CERT_FILE

From: "Mark Woodward" <pgsql(at)mohawksoft(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: SSL and USER_CERT_FILE
Date: 2008-05-15 12:47:32
Message-ID: 47057.24.60.196.157.1210855652.squirrel@mail.mohawksoft.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

I am using PostgreSQL's SSL support and the conventions for the key and
certifications don't make sense from the client perspective. Especially
under Windows.

I am proposing a few simple changes:

Adding two API
void PQsetSSLUserCertFileName(char *filename)
{
user_crt_filename = strdup(filename);
}
PQsetSSLUserKeyFileName(char *filename)
{
user_key_filename = strdup(filename);
}

Adding two static vars in fe-secure.c

char *user_key_filename=NULL;
char *user_crt_filename=NULL;

In client_cert_cb(...)

Add:
if(user_crt_filename)
strncpy(fnbuf, sizeof(fnbuf), user_crt_filename);
else
snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USER_CERT_FILE);

and:

if(user_key_filename)
strncpy(fnbuf, sizeof(fnbuf), user_key_filename);
else
snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USER_KEY_FILE);

The purpose of these changes is to make it easier to configure SSL in an
application which uses libpq.

Any comments?

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message pgsql 2008-05-15 13:31:10 Re: SSL and USER_CERT_FILE
Previous Message Nikhils 2008-05-15 08:41:34 Re: Can't t compile current HEAD