Re: [HACKERS] [PATCHES] sslmode patch

Sat, 26 Jul 2003 08:21:17 -0700 

Excellent idea.  Patch attached and applied.

---------------------------------------------------------------------------

Tom Lane wrote:
> Bruce Momjian <[EMAIL PROTECTED]> writes:
> > I had a little problem apply this patch because it had an #ifdef for
> > elog() parameter passing.  Because ereport() is now a macro, you can't
> > do #ifdef inside a macro _call_, so I did it this way:
> 
> I don't think a non-SSL-enabled build need be pointing that out in every
> error message --- the SSL phrase shouldn't even be there in the message.
> Accordingly, I'd be inclined to do this:
> 
> #ifdef USE_SSL
>     ereport(FATAL,
>         (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
>          errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\", 
> %s",
>                 hostinfo, port->user_name, port->database_name,
>                 (port->ssl ? gettext("SSL on") : gettext("SSL off")))));
> #else
>     ereport(FATAL,
>         (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
>          errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\"",
>                 hostinfo, port->user_name, port->database_name)));
> #endif
> 
> This approach is also more localizable.
> 
>                       regards, tom lane
> 
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
> 
>                http://archives.postgresql.org
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

Index: auth.c
===================================================================
RCS file: /cvsroot/pgsql-server/src/backend/libpq/auth.c,v
retrieving revision 1.106
diff -c -c -r1.106 auth.c
*** auth.c      26 Jul 2003 13:50:02 -0000      1.106
--- auth.c      26 Jul 2003 15:21:20 -0000
***************
*** 440,454 ****
                                                                NI_NUMERICHOST);
  
  #ifdef USE_SSL
- #define EREPORT_SSL_STATUS    (port->ssl ? "on" : "off")
- #else
- #define EREPORT_SSL_STATUS    "off"
- #endif
- 
                                ereport(FATAL,
                                                
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                                                 errmsg("no pg_hba.conf entry for host 
\"%s\", user \"%s\", database \"%s\", SSL \"%s\"",
!                                                               hostinfo, 
port->user_name, port->database_name, EREPORT_SSL_STATUS)));
                                break;
                        }
  
--- 440,455 ----
                                                                NI_NUMERICHOST);
  
  #ifdef USE_SSL
                                ereport(FATAL,
                                                
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                                                 errmsg("no pg_hba.conf entry for host 
\"%s\", user \"%s\", database \"%s\", SSL \"%s\"",
!                                                               hostinfo, 
port->user_name, port->database_name, port->ssl ? "on" : "off")));
! #else
!                               ereport(FATAL,
!                                               
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
!                                                errmsg("no pg_hba.conf entry for host 
\"%s\", user \"%s\", database \"%s\"",
!                                                               hostinfo, 
port->user_name, port->database_name)));
! #endif
                                break;
                        }
  

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Reply via email to