/*
 * call-seq:
 *    PG.init_openssl(do_ssl, do_crypto)  -> nil
 *
 * Selects which security libraries libpq initializes on its own.
 *
 * Use this when libpq is built with SSL support and your application
 * initializes libssl and/or libcrypto itself: PG.init_openssl() tells libpq
 * that the application has already done so, so libpq will not initialize
 * those libraries a second time. See
 * http://h71000.www7.hp.com/doc/83final/BA554_90007/ch04.html for details on
 * the SSL API.
 *
 * +do_ssl+ set to +true+ makes libpq initialize the OpenSSL library before
 * the first database connection is opened; +do_crypto+ set to +true+ makes
 * it initialize libcrypto. If PG.init_openssl() is never called, both
 * libraries are initialized. Without compiled-in SSL support the function
 * exists but does nothing.
 *
 * An application that uses and initializes OpenSSL or the underlying
 * libcrypto must pass +false+ for the matching parameter(s), and must both
 * make this call and complete its own initialization before the first
 * database connection is opened.
 *
 */
static VALUE
pg_s_init_openssl(VALUE self, VALUE do_ssl, VALUE do_crypto)
{
	int init_ssl;
	int init_crypto;

	UNUSED( self );

	/* Convert the Ruby arguments to the int flags PQinitOpenSSL() takes. */
	init_ssl = pg_to_bool_int(do_ssl);
	init_crypto = pg_to_bool_int(do_crypto);

	PQinitOpenSSL(init_ssl, init_crypto);

	return Qnil;
}
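/*************************************************************************
 *
 *	Function: sql_init_socket
 *
 *	Purpose: Establish connection to the db
 *
 *	Builds a libpq conninfo string from the module configuration, opens
 *	the connection with PQconnectdb() and stores both the string and the
 *	connection on handle->conn.
 *
 *	Returns 0 when the connection is up, -1 when it could not be
 *	established (the libpq error message is logged).
 *
 *************************************************************************/
static int sql_init_socket(rlm_sql_handle_t *handle, rlm_sql_config_t *config)
{
	char *dbstring;
	rlm_sql_postgres_conn_t *conn;

#ifdef HAVE_OPENSSL_CRYPTO_H
	/*
	 *	Tell libpq, once, to initialise neither libssl nor libcrypto
	 *	itself. This has to happen before the first PQconnectdb().
	 *	NOTE(review): the static flag is not synchronised - confirm this
	 *	function cannot run concurrently on first use.
	 */
	static bool ssl_init = false;

	if (!ssl_init) {
		PQinitOpenSSL(0, 0);
		ssl_init = true;
	}
#endif

	MEM(conn = handle->conn = talloc_zero(handle, rlm_sql_postgres_conn_t));
	talloc_set_destructor(conn, _sql_socket_destructor);

	/*
	 *	An sql_db value containing '=' is taken as a ready-made conninfo
	 *	string; anything else is treated as a plain database name.
	 *
	 *	NOTE(review): the configured values below are interpolated without
	 *	escaping ' or \, so such a character in a value changes how libpq
	 *	parses the string. Confirm the configuration is trusted, or escape
	 *	the values here.
	 *
	 *	Every allocation is checked with MEM(), as for conn above, so a
	 *	failed append can not hand a NULL string to PQconnectdb().
	 */
	MEM(dbstring = strchr(config->sql_db, '=') ?
		talloc_strdup(conn, config->sql_db) :
		talloc_asprintf(conn, "dbname='%s'", config->sql_db));

	if (config->sql_server[0] != '\0') {
		MEM(dbstring = talloc_asprintf_append(dbstring, " host='%s'", config->sql_server));
	}

	if (config->sql_port[0] != '\0') {
		MEM(dbstring = talloc_asprintf_append(dbstring, " port=%s", config->sql_port));
	}

	if (config->sql_login[0] != '\0') {
		MEM(dbstring = talloc_asprintf_append(dbstring, " user='%s'", config->sql_login));
	}

	/*
	 *	Log the parameters before the password is appended, so the
	 *	credential from sql_password never reaches the debug log.
	 *	NOTE(review): a password written directly into a conninfo-style
	 *	sql_db value is still part of this message.
	 */
	DEBUG2("rlm_sql_postgresql: Connecting using parameters: %s", dbstring);

	if (config->sql_password[0] != '\0') {
		MEM(dbstring = talloc_asprintf_append(dbstring, " password='%s'", config->sql_password));
	}

	conn->dbstring = dbstring;
	conn->db = PQconnectdb(dbstring);

	if (!conn->db || (PQstatus(conn->db) != CONNECTION_OK)) {
		ERROR("rlm_sql_postgresql: Connection failed: %s", PQerrorMessage(conn->db));
		return -1;
	}

	DEBUG2("Connected to database '%s' on '%s' server version %i, protocol version %i, backend PID %i ",
	       PQdb(conn->db), PQhost(conn->db), PQserverVersion(conn->db), PQprotocolVersion(conn->db),
	       PQbackendPID(conn->db));

	return 0;
}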
/* Make sure libcrypto thread callbacks are set up.
 *
 * Importing Python's ssl module installs Python's libcrypto callbacks. When
 * that import succeeds, libpq is told to leave libcrypto alone so it does
 * not overwrite them. When it fails, libpq keeps its own libcrypto locking.
 */
static void
psyco_libcrypto_threads_init(void)
{
    PyObject *ssl_module = PyImport_ImportModule("ssl");

    if (ssl_module == NULL) {
        /* The import failure may mean Python was built without OpenSSL
           support: drop the pending exception and rely on libpq's own
           libcrypto locking. */
        PyErr_Clear();
        return;
    }

    /* libpq still initializes libssl (first argument), but skips the
       libcrypto setup (second argument) so the callbacks installed by the
       ssl module stay in place. */
    PQinitOpenSSL(1, 0);
    Py_DECREF(ssl_module);
}
/*
 *	Exported function that lets the application tell us it has already
 *	initialized OpenSSL.
 *
 *	The single flag is forwarded to PQinitOpenSSL() for both of its
 *	arguments, so the SSL and crypto settings are always the same here.
 */
void
PQinitSSL(int do_init)
{
	const int	do_ssl = do_init;
	const int	do_crypto = do_init;

	PQinitOpenSSL(do_ssl, do_crypto);
}