diff options
| author | Michael Paquier <michael@paquier.xyz> | 2020-04-30 13:39:10 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2020-04-30 13:39:10 +0900 |
| commit | 401aad67045b2d467571b54abe229fdd115a228c (patch) | |
| tree | 54d04d6e61baf739682eba1cf082c48ba9af4e43 /src/interfaces/libpq/fe-connect.c | |
| parent | 4ad047a6eac356436b88681a9383a52cde2ffe9c (diff) | |
| download | postgresql-401aad67045b2d467571b54abe229fdd115a228c.tar.gz postgresql-401aad67045b2d467571b54abe229fdd115a228c.zip | |
Rename connection parameters to control min/max SSL protocol version in libpq
The libpq parameters ssl{max|min}protocolversion are renamed to use
underscores, to become ssl_{max|min}_protocol_version. The related
environment variables still use the names introduced in commit ff8ca5f
that added the feature.
Per complaint from Peter Eisentraut (this was also mentioned by me in
the original patch review but the issue got discarded).
Author: Daniel Gustafsson
Reviewed-by: Peter Eisentraut, Michael Paquier
Discussion: https://postgr.es/m/b319e449-318d-e691-4997-1327e166fcc4@2ndquadrant.com
Diffstat (limited to 'src/interfaces/libpq/fe-connect.c')
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 0157c619aac..23be9a66cb2 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -320,13 +320,13 @@ static const internalPQconninfoOption PQconninfoOptions[] = { "Require-Peer", "", 10, offsetof(struct pg_conn, requirepeer)}, - {"sslminprotocolversion", "PGSSLMINPROTOCOLVERSION", NULL, NULL, + {"ssl_min_protocol_version", "PGSSLMINPROTOCOLVERSION", NULL, NULL, "SSL-Minimum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */ - offsetof(struct pg_conn, sslminprotocolversion)}, + offsetof(struct pg_conn, ssl_min_protocol_version)}, - {"sslmaxprotocolversion", "PGSSLMAXPROTOCOLVERSION", NULL, NULL, + {"ssl_max_protocol_version", "PGSSLMAXPROTOCOLVERSION", NULL, NULL, "SSL-Maximum-Protocol-Version", "", 8, /* sizeof("TLSv1.x") == 8 */ - offsetof(struct pg_conn, sslmaxprotocolversion)}, + offsetof(struct pg_conn, ssl_max_protocol_version)}, /* * As with SSL, all GSS options are exposed even in builds that don't have @@ -1301,23 +1301,23 @@ connectOptions2(PGconn *conn) } /* - * Validate TLS protocol versions for sslminprotocolversion and - * sslmaxprotocolversion. + * Validate TLS protocol versions for ssl_min_protocol_version and + * ssl_max_protocol_version. */ - if (!sslVerifyProtocolVersion(conn->sslminprotocolversion)) + if (!sslVerifyProtocolVersion(conn->ssl_min_protocol_version)) { conn->status = CONNECTION_BAD; printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("invalid sslminprotocolversion value: \"%s\"\n"), - conn->sslminprotocolversion); + libpq_gettext("invalid ssl_min_protocol_version value: \"%s\"\n"), + conn->ssl_min_protocol_version); return false; } - if (!sslVerifyProtocolVersion(conn->sslmaxprotocolversion)) + if (!sslVerifyProtocolVersion(conn->ssl_max_protocol_version)) { conn->status = CONNECTION_BAD; printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("invalid sslmaxprotocolversion value: \"%s\"\n"), - conn->sslmaxprotocolversion); + libpq_gettext("invalid ssl_max_protocol_version value: \"%s\"\n"), + conn->ssl_max_protocol_version); return false; } @@ -1328,8 +1328,8 @@ connectOptions2(PGconn *conn) * already-built SSL context when the connection is being established, as * it would be doomed anyway. */ - if (!sslVerifyProtocolRange(conn->sslminprotocolversion, - conn->sslmaxprotocolversion)) + if (!sslVerifyProtocolRange(conn->ssl_min_protocol_version, + conn->ssl_max_protocol_version)) { conn->status = CONNECTION_BAD; printfPQExpBuffer(&conn->errorMessage, @@ -4046,10 +4046,10 @@ freePGconn(PGconn *conn) free(conn->sslcompression); if (conn->requirepeer) free(conn->requirepeer); - if (conn->sslminprotocolversion) - free(conn->sslminprotocolversion); - if (conn->sslmaxprotocolversion) - free(conn->sslmaxprotocolversion); + if (conn->ssl_min_protocol_version) + free(conn->ssl_min_protocol_version); + if (conn->ssl_max_protocol_version) + free(conn->ssl_max_protocol_version); if (conn->gssencmode) free(conn->gssencmode); if (conn->krbsrvname) @@ -7120,7 +7120,7 @@ pgpassfileWarning(PGconn *conn) /* * Check if the SSL procotol value given in input is valid or not. * This is used as a sanity check routine for the connection parameters - * sslminprotocolversion and sslmaxprotocolversion. + * ssl_min_protocol_version and ssl_max_protocol_version. */ static bool sslVerifyProtocolVersion(const char *version) |