From a445cb92ef5b3a31313ebce30e18cc1d6e0bdecb Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Wed, 22 Feb 2012 23:40:46 +0200 Subject: Add parameters for controlling locations of server-side SSL files This allows changing the location of the files that were previously hard-coded to server.crt, server.key, root.crt, root.crl. server.crt and server.key continue to be the default settings and are thus required to be present by default if SSL is enabled. But the settings for the server-side CA and CRL are now empty by default, and if they are set, the files are required to be present. This replaces the previous behavior of ignoring the functionality if the files were not found. --- src/include/libpq/libpq.h | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/include/libpq') diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h index a4ef7b3e09..7083cd866b 100644 --- a/src/include/libpq/libpq.h +++ b/src/include/libpq/libpq.h @@ -70,6 +70,11 @@ extern void pq_endcopyout(bool errorAbort); /* * prototypes for functions in be-secure.c */ +extern char *ssl_cert_file; +extern char *ssl_key_file; +extern char *ssl_ca_file; +extern char *ssl_crl_file; + extern int secure_initialize(void); extern bool secure_loaded_verify_locations(void); extern void secure_destroy(void); -- cgit v1.2.1