I just noticed that if you have libpq with SSL support, but psql without, we don't print any SSL information at all. Would it be worthwhile to have it print that SSL is in use, even if we can't print the details about the connection?
It's not something that's very common outside development scenarios, but it would be trivial to implement. And the net would probably be a code-win, since we could remove a number of #ifdef USE_SSL and replace them with one - see attached (untested so may have typos) patch. //Magnus
diff --git a/src/bin/psql/command.c b/src/bin/psql/command.c index 84d3725..b8e18cb 100644 --- a/src/bin/psql/command.c +++ b/src/bin/psql/command.c @@ -64,9 +64,7 @@ static bool lookup_function_oid(PGconn *conn, const char *desc, Oid *foid); static bool get_create_function_cmd(PGconn *conn, Oid oid, PQExpBuffer buf); static void minimal_error_message(PGresult *res); -#ifdef USE_SSL static void printSSLInfo(void); -#endif #ifdef WIN32 static void checkWin32Codepage(void); @@ -1327,9 +1325,7 @@ connection_warnings(void) #ifdef WIN32 checkWin32Codepage(); #endif -#ifdef USE_SSL printSSLInfo(); -#endif } } @@ -1339,10 +1335,10 @@ connection_warnings(void) * * Prints information about the current SSL connection, if SSL is in use */ -#ifdef USE_SSL static void printSSLInfo(void) { +#ifdef USE_SSL int sslbits = -1; SSL *ssl; @@ -1353,8 +1349,11 @@ printSSLInfo(void) SSL_get_cipher_bits(ssl, &sslbits); printf(_("SSL connection (cipher: %s, bits: %i)\n"), SSL_get_cipher(ssl), sslbits); -} +#else + if (PQgetssl(pset.db)) + printf(_("SSL connection\n")); #endif +} /*
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers