aboutsummaryrefslogtreecommitdiff
path: root/src/interfaces/libpq/fe-connect.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/interfaces/libpq/fe-connect.c')
-rw-r--r--src/interfaces/libpq/fe-connect.c37
1 files changed, 12 insertions, 25 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 3ca7e0560cd..cb3c431e328 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -304,6 +304,10 @@ static const internalPQconninfoOption PQconninfoOptions[] = {
"SSL-Client-Key", "", 64,
offsetof(struct pg_conn, sslkey)},
+ {"sslpassword", NULL, NULL, NULL,
+ "SSL-Client-Key-Password", "*", 20,
+ offsetof(struct pg_conn, sslpassword)},
+
{"sslrootcert", "PGSSLROOTCERT", NULL, NULL,
"SSL-Root-Certificate", "", 64,
offsetof(struct pg_conn, sslrootcert)},
@@ -317,30 +321,21 @@ static const internalPQconninfoOption PQconninfoOptions[] = {
offsetof(struct pg_conn, requirepeer)},
/*
- * Expose gssencmode similarly to sslmode - we can still handle "disable"
- * and "prefer".
+ * As with SSL, all GSS options are exposed even in builds that don't have
+ * support.
*/
{"gssencmode", "PGGSSENCMODE", DefaultGSSMode, NULL,
"GSSENC-Mode", "", 7, /* sizeof("disable") == 7 */
offsetof(struct pg_conn, gssencmode)},
-#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
/* Kerberos and GSSAPI authentication support specifying the service name */
{"krbsrvname", "PGKRBSRVNAME", PG_KRB_SRVNAM, NULL,
"Kerberos-service-name", "", 20,
offsetof(struct pg_conn, krbsrvname)},
-#endif
-
-#if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
- /*
- * GSSAPI and SSPI both enabled, give a way to override which is used by
- * default
- */
{"gsslib", "PGGSSLIB", NULL, NULL,
"GSS-library", "", 7, /* sizeof("gssapi") = 7 */
offsetof(struct pg_conn, gsslib)},
-#endif
{"replication", NULL, NULL, NULL,
"Replication", "D", 5,
@@ -351,10 +346,6 @@ static const internalPQconninfoOption PQconninfoOptions[] = {
"Target-Session-Attrs", "", 11, /* sizeof("read-write") = 11 */
offsetof(struct pg_conn, target_session_attrs)},
- {"sslpassword", NULL, NULL, NULL,
- "SSL-Client-Key-Password", "*", 20,
- offsetof(struct pg_conn, sslpassword)},
-
/* Terminating entry --- MUST BE LAST */
{NULL, NULL, NULL, NULL,
NULL, NULL, 0}
@@ -3983,6 +3974,8 @@ freePGconn(PGconn *conn)
free(conn->sslcert);
if (conn->sslkey)
free(conn->sslkey);
+ if (conn->sslpassword)
+ free(conn->sslpassword);
if (conn->sslrootcert)
free(conn->sslrootcert);
if (conn->sslcrl)
@@ -3991,14 +3984,14 @@ freePGconn(PGconn *conn)
free(conn->sslcompression);
if (conn->requirepeer)
free(conn->requirepeer);
- if (conn->connip)
- free(conn->connip);
if (conn->gssencmode)
free(conn->gssencmode);
-#if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
if (conn->krbsrvname)
free(conn->krbsrvname);
-#endif
+ if (conn->gsslib)
+ free(conn->gsslib);
+ if (conn->connip)
+ free(conn->connip);
#ifdef ENABLE_GSS
if (conn->gcred != GSS_C_NO_CREDENTIAL)
{
@@ -4015,10 +4008,6 @@ freePGconn(PGconn *conn)
conn->gctx = NULL;
}
#endif
-#if defined(ENABLE_GSS) && defined(ENABLE_SSPI)
- if (conn->gsslib)
- free(conn->gsslib);
-#endif
/* Note that conn->Pfdebug is not ours to close or free */
if (conn->last_query)
free(conn->last_query);
@@ -4034,8 +4023,6 @@ freePGconn(PGconn *conn)
free(conn->target_session_attrs);
termPQExpBuffer(&conn->errorMessage);
termPQExpBuffer(&conn->workBuffer);
- if (conn->sslpassword)
- free(conn->sslpassword);
free(conn);
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 18:57:46 +0000