Provide a TLS init hook

The default hook function sets the default password callback function.
In order to allow preloaded libraries to have an opportunity to override
the default, TLS initialization if now delayed slightly until after
shared preloaded libraries have been loaded.

A test module is provided which contains a trivial example that decodes
an obfuscated password for an SSL certificate.

Author: Andrew Dunstan
Reviewed By: Andreas Karlsson, Asaba Takanori
Discussion: 
https://postgr.es/m/04116472-818b-5859-1d74-3d995aab2...@2ndquadrant.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/896fcdb230e729652d37270c8606ccdc45212f0d

Modified Files
--------------
src/backend/libpq/be-secure-openssl.c              | 48 +++++++-----
src/backend/postmaster/postmaster.c                | 22 +++---
src/include/libpq/libpq-be.h                       |  4 +
src/test/modules/Makefile                          |  5 ++
.../modules/ssl_passphrase_callback/.gitignore     |  1 +
src/test/modules/ssl_passphrase_callback/Makefile  | 24 ++++++
.../modules/ssl_passphrase_callback/server.crt     | 19 +++++
.../modules/ssl_passphrase_callback/server.key     | 30 ++++++++
.../ssl_passphrase_callback/ssl_passphrase_func.c  | 88 ++++++++++++++++++++++
.../ssl_passphrase_callback/t/001_testfunc.pl      | 80 ++++++++++++++++++++
src/tools/msvc/Mkvcbuild.pm                        |  2 +-
11 files changed, 292 insertions(+), 31 deletions(-)

Reply via email to