The attached patch enables libpq to be linked with ssl support (openssl
0.9.7.b tested).
Client certificates are compiled out on Windows because the implementation is *nix
specific in how it resolves the location of the .pem files. Where these files
should be located still needs to be discussed. For NT/W2K and up,
the natural way would be to use GetUserProfileDirectory, but this would
exclude Win9x.
Regards,
Andreas
RCS file: /projects/cvsroot/pgsql-server/src/interfaces/libpq/fe-secure.c,v
retrieving revision 1.29
diff -u -r1.29 fe-secure.c
--- fe-secure.c 4 Aug 2003 17:25:14 -0000 1.29
+++ fe-secure.c 24 Aug 2003 23:24:49 -0000
@@ -312,7 +312,7 @@
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
- SOCK_ERRNO = ECONNRESET;
+ SOCK_ERRNO_SET(ECONNRESET);
n = -1;
}
break;
@@ -322,7 +322,7 @@
libpq_gettext("SSL error: %s\n"), SSLerrmessage());
/* fall through */
case SSL_ERROR_ZERO_RETURN:
- SOCK_ERRNO = ECONNRESET;
+ SOCK_ERRNO_SET(ECONNRESET);
n = -1;
break;
default:
@@ -383,7 +383,7 @@
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
- SOCK_ERRNO = ECONNRESET;
+ SOCK_ERRNO_SET(ECONNRESET);
n = -1;
}
break;
@@ -393,7 +393,7 @@
libpq_gettext("SSL error: %s\n"), SSLerrmessage());
/* fall through */
case SSL_ERROR_ZERO_RETURN:
- SOCK_ERRNO = ECONNRESET;
+ SOCK_ERRNO_SET(ECONNRESET);
n = -1;
break;
default:
@@ -544,6 +544,9 @@
static DH *
load_dh_file(int keylength)
{
+#ifdef WIN32
+ return NULL;
+#else
char pwdbuf[BUFSIZ];
struct passwd pwdstr;
struct passwd *pwd = NULL;
@@ -558,6 +561,7 @@
/* attempt to open file. It's not an error if it doesn't exist. */
snprintf(fnbuf, sizeof fnbuf, "%s/.postgresql/dh%d.pem",
pwd->pw_dir, keylength);
+
if ((fp = fopen(fnbuf, "r")) == NULL)
return NULL;
@@ -583,6 +587,7 @@
}
return dh;
+#endif
}
/*
@@ -686,6 +691,9 @@
static int
client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
{
+#ifdef WIN32
+ return 0;
+#else
char pwdbuf[BUFSIZ];
struct passwd pwdstr;
struct passwd *pwd = NULL;
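Review bot: The WIN32 stub `return 0;` at the top of client_cert_cb looks unreachable, because the later hunk in initialize_SSL also puts the `SSL_CTX_set_client_cert_cb(SSL_context, client_cert_cb);` registration inside `#ifndef WIN32`. If that reading is right, the function is an unused static on Windows and will likely draw a compiler warning; wrapping the whole definition in `#ifndef WIN32` would express the same thing more directly. If the stub is kept, a comment such as `/* Win32: no client certificate support yet, location of the .pem files is undecided */` would tell the reader why it returns 0. The body of client_cert_cb continues outside this hunk.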
@@ -785,6 +793,7 @@
}
return 1;
+#endif
}
/*
@@ -793,11 +802,13 @@
static int
initialize_SSL(PGconn *conn)
{
+#ifndef WIN32
struct stat buf;
char pwdbuf[BUFSIZ];
struct passwd pwdstr;
struct passwd *pwd = NULL;
char fnbuf[2048];
+#endif
if (!SSL_context)
{
@@ -813,6 +824,7 @@
}
}
+#ifndef WIN32
if (pqGetpwuid(getuid(), &pwdstr, pwdbuf, sizeof(pwdbuf), &pwd) == 0)
{
snprintf(fnbuf, sizeof fnbuf, "%s/.postgresql/root.crt",
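Review bot: The `#ifndef WIN32` opened in this hunk and closed in the next one (@@ -849) removes more than the client certificate callback: the `root.crt` lookup that starts on the following line is compiled out as well. The lines between the two hunks are not visible, but if they are what loads the trusted roots and enables verification of the server certificate, a Windows build with USE_SSL gets an encrypted connection to a server it never authenticates, and nothing tells the user. The patch description mentions only client certificates, so this should at least be stated in a comment at the `#ifndef`, for example `/* Win32: no root.crt lookup yet, so the server certificate is not verified */`, and in the Windows build documentation.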
@@ -849,6 +861,7 @@
/* set up mechanism to provide client certificate, if available */
SSL_CTX_set_client_cert_cb(SSL_context, client_cert_cb);
+#endif
return 0;
}
RCS file: /projects/cvsroot/pgsql-server/src/interfaces/libpq/libpq-int.h,v
retrieving revision 1.81
diff -u -r1.81 libpq-int.h
--- libpq-int.h 13 Aug 2003 18:56:21 -0000 1.81
+++ libpq-int.h 24 Aug 2003 23:25:46 -0000
@@ -465,9 +465,11 @@
#ifdef WIN32
#define SOCK_ERRNO (WSAGetLastError())
#define SOCK_STRERROR winsock_strerror
+#define SOCK_ERRNO_SET(e) WSASetLastError(e)
#else
#define SOCK_ERRNO errno
#define SOCK_STRERROR pqStrerror
+#define SOCK_ERRNO_SET(e) errno=e
#endif
#endif /* LIBPQ_INT_H */
RCS file: /projects/cvsroot/pgsql-server/src/interfaces/libpq/win32.mak,v
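Review bot: The non-Windows definition `#define SOCK_ERRNO_SET(e) errno=e` in libpq-int.h is an unparenthesized assignment, so it only behaves as written when it is used as a whole statement with a simple argument, as in the fe-secure.c hunks. Writing it as `#define SOCK_ERRNO_SET(e) (errno = (e))` keeps it correct in any expression context and with any argument, and matches the function-call shape of the WIN32 variant `WSASetLastError(e)`. A one-line comment above the pair saying that `SOCK_ERRNO` is not an lvalue on Windows would explain why a separate setter exists.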
retrieving revision 1.18
diff -u -r1.18 win32.mak
--- win32.mak 12 Jun 2003 08:15:29 -0000 1.18
+++ win32.mak 24 Aug 2003 23:32:42 -0000
@@ -8,7 +8,7 @@
!MESSAGE
!IFDEF DEBUG
-OPT=/Od
+OPT=/Od /Zi
LOPT=/debug
DEBUGDEF=/D _DEBUG
!ELSE
@@ -26,12 +26,16 @@
CPP=cl.exe
RSC=rc.exe
+!IFDEF DEBUG
+OUTDIR=.\Debug
+INTDIR=.\Debug
+CPP_OBJS=.\Debug/
+!ELSE
OUTDIR=.\Release
INTDIR=.\Release
+CPP_OBJS=.\Release/
+!ENDIF
-# Begin Custom Macros
-OutDir=.\Release
-# End Custom Macros
ALL : "$(OUTDIR)\libpq.lib" "$(OUTDIR)\libpq.dll"
@@ -72,16 +76,20 @@
"WIN32" /D "_WINDOWS" /Fp"$(INTDIR)\libpq.pch" /YX\
/Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c /D "HAVE_VSNPRINTF" /D "HAVE_STRDUP"
-CPP_OBJS=.\Release/
+!IFDEF USE_SSL
+CPP_PROJ=$(CPP_PROJ) /D USE_SSL
+SSL_LIBS=ssleay32.lib libeay32.lib gdi32.lib
+!ENDIF
+
CPP_SBRS=.
LIB32=link.exe -lib
LIB32_FLAGS=$(LOPT) /nologo /out:"$(OUTDIR)\libpq.lib"
LIB32_OBJS= \
- "$(OUTDIR)\win32.obj" \
+ "$(INTDIR)\win32.obj" \
"$(INTDIR)\getaddrinfo.obj" \
"$(INTDIR)\inet_aton.obj" \
- "$(INTDIR)\crypt.obj" \
+ "$(INTDIR)\crypt.obj" \
"$(INTDIR)\path.obj" \
"$(INTDIR)\dllist.obj" \
"$(INTDIR)\md5.obj" \
@@ -94,15 +102,17 @@
"$(INTDIR)\fe-lobj.obj" \
"$(INTDIR)\fe-misc.obj" \
"$(INTDIR)\fe-print.obj" \
+ "$(INTDIR)\thread.obj" \
"$(INTDIR)\fe-secure.obj" \
"$(INTDIR)\pqexpbuffer.obj" \
"$(INTDIR)\wchar.obj" \
"$(INTDIR)\encnames.obj"
+
RSC_PROJ=/l 0x409 /fo"$(INTDIR)\libpq.res"
LINK32=link.exe
-LINK32_FLAGS=kernel32.lib user32.lib advapi32.lib wsock32.lib\
+LINK32_FLAGS=kernel32.lib user32.lib advapi32.lib wsock32.lib $(SSL_LIBS) \
/nologo /subsystem:windows /dll $(LOPT) /incremental:no\
/pdb:"$(OUTDIR)\libpqdll.pdb" /machine:I386 /out:"$(OUTDIR)\libpq.dll"\
/implib:"$(OUTDIR)\libpqdll.lib" /def:libpqdll.def
@@ -126,38 +136,43 @@
$(LINK32_FLAGS) $(LINK32_OBJS)
<<
-"$(OUTDIR)\getaddrinfo.obj" : ..\..\port\getaddrinfo.c
+"$(INTDIR)\getaddrinfo.obj" : ..\..\port\getaddrinfo.c
$(CPP) @<<
$(CPP_PROJ) ..\..\port\getaddrinfo.c
<<
-"$(OUTDIR)\inet_aton.obj" : ..\..\port\inet_aton.c
+"$(INTDIR)\thread.obj" : ..\..\port\thread.c
+ $(CPP) @<<
+ $(CPP_PROJ) ..\..\port\thread.c
+<<
+
+"$(INTDIR)\inet_aton.obj" : ..\..\port\inet_aton.c
$(CPP) @<<
$(CPP_PROJ) ..\..\port\inet_aton.c
<<
-"$(OUTDIR)\crypt.obj" : ..\..\port\crypt.c
+"$(INTDIR)\crypt.obj" : ..\..\port\crypt.c
$(CPP) @<<
$(CPP_PROJ) ..\..\port\crypt.c
<<
-"$(OUTDIR)\path.obj" : ..\..\port\path.c
+"$(INTDIR)\path.obj" : ..\..\port\path.c
$(CPP) @<<
$(CPP_PROJ) ..\..\port\path.c
<<
-"$(OUTDIR)\dllist.obj" : ..\..\backend\lib\dllist.c
+"$(INTDIR)\dllist.obj" : ..\..\backend\lib\dllist.c
$(CPP) @<<
$(CPP_PROJ) ..\..\backend\lib\dllist.c
<<
-"$(OUTDIR)\md5.obj" : ..\..\backend\libpq\md5.c
+"$(INTDIR)\md5.obj" : ..\..\backend\libpq\md5.c
$(CPP) @<<
$(CPP_PROJ) ..\..\backend\libpq\md5.c
<<
-"$(OUTDIR)\ip.obj" : ..\..\backend\libpq\ip.c
+"$(INTDIR)\ip.obj" : ..\..\backend\libpq\ip.c
$(CPP) @<<
$(CPP_PROJ) ..\..\backend\libpq\ip.c
<<