Does libpq have SSL functions?
I'd like to build some SSL functionality into my C functions that
access the PostgreSQL database. My C functions are calling the
routines from libpq. By chance, are there any SSL functions inherent
to libpq for establishing a secure connection to the postmaster?
I mention this because I noticed in the source code for psql, the c
file startup.c has the following line:
ssl = PQgetssl(pset.db);
I didn't seem to find any other SSL references in the /src/bin/psql
directory using grep, but I know that psql can be built with SSL
support so I was hoping to use the code for that as a template.
Thanks.
-Tony
Yes. Take a look at pg_hba.conf's hostssl option. That will force SSL
for certain hosts. You can also use 'requiressl' in your libpq
connection string.
---------------------------------------------------------------------------
Tony Reina wrote:
I'd like to build some SSL functionality into my C functions that
access the PostgreSQL database. My C functions are calling the
routines from libpq. By chance, are there any SSL functions inherent
to libpq for establishing a secure connection to the postmaster?I mention this because I noticed in the source code for psql, the c
file startup.c has the following line:ssl = PQgetssl(pset.db);
I didn't seem to find any other SSL references in the /src/bin/psql
directory using grep, but I know that psql can be built with SSL
support so I was hoping to use the code for that as a template.Thanks.
-Tony---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073Your Pgconn already is SSL encrypted.
---------------------------------------------------------------------------
G. Anthony Reina wrote:
Thanks for the reply Bruce.
Yes, I'm aware of the pg_hba.conf setting to require SSL connections,
however I was specifically asking if the C library for PostgreSQL had SSL
functions built in to relieve me of actually having to write the code for
the connections.That is, do I specifically have to negotiate the SSL connections in my
program (i.e. ssl = SSL_new(ctx); if (SSL_connect(ssl)<=0) ...). Or, will
the "conn = PQsetdb(pghost, pgport, pgoptions, pgtty, dbName); " already
setup conn as an SSL connection for me if I specify requiressl?I think it is probably the former, but I'd hate to be reinventing the wheel
and encrypting an already encrypted connection.Thanks.
-Tony--On Tuesday, April 15, 2003 5:19 PM -0400 Bruce Momjian
<pgman@candle.pha.pa.us> wrote:rYes. Take a look at pg_hba.conf's hostssl option. That will force SSL
for certain hosts. You can also use 'requiressl' in your libpq
connection string.-------------------------------------------------------------------------
--Tony Reina wrote:
I'd like to build some SSL functionality into my C functions that
access the PostgreSQL database. My C functions are calling the
routines from libpq. By chance, are there any SSL functions inherent
to libpq for establishing a secure connection to the postmaster?I mention this because I noticed in the source code for psql, the c
file startup.c has the following line:ssl = PQgetssl(pset.db);
I didn't seem to find any other SSL references in the /src/bin/psql
directory using grep, but I know that psql can be built with SSL
support so I was hoping to use the code for that as a template.Thanks.
-Tony
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073Import Notes
Reply to msg id not found: 252671702.1050429776@dell1.neurobio.pitt.edu | Resolved by subject fallback