*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.256 2003/07/28 00:09:16 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.257 2003/08/01 21:27:26 tgl Exp $
*
*-------------------------------------------------------------------------
*/
/* here warn that the requiressl option is deprecated? */
if (conn->sslmode)
free(conn->sslmode);
- conn->sslmode = "require";
+ conn->sslmode = strdup("require");
}
#endif
case 'r': /* "require" */
conn->status = CONNECTION_BAD;
printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("sslmode \"%s\" invalid when SSL "
- "support is not compiled in\n"),
+ libpq_gettext("sslmode \"%s\" invalid when SSL support is not compiled in\n"),
conn->sslmode);
return false;
}
#endif
}
else
- conn->sslmode = DefaultSSLMode;
+ conn->sslmode = strdup(DefaultSSLMode);
return true;
}
/* Don't bother requesting SSL over a Unix socket */
conn->allow_ssl_try = false;
}
- if (conn->allow_ssl_try && !conn->wait_ssl_try && conn->ssl == NULL)
+ if (conn->allow_ssl_try && !conn->wait_ssl_try &&
+ conn->ssl == NULL)
{
ProtocolVersion pv;
}
else if (SSLok == 'N')
{
- switch (conn->sslmode[0]) {
- case 'r': /* "require" */
- /* Require SSL, but server does not want it */
- printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("server does not support SSL, but SSL was required\n"));
- goto error_return;
- case 'a': /* "allow" */
- /*
- * normal startup already failed,
- * so SSL failure means the end
- */
- printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("server does not support SSL, and previous non-SSL attempt failed\n"));
- goto error_return;
+ if (conn->sslmode[0] == 'r') /* "require" */
+ {
+ /* Require SSL, but server does not want it */
+ printfPQExpBuffer(&conn->errorMessage,
+ libpq_gettext("server does not support SSL, but SSL was required\n"));
+ goto error_return;
}
-
/* Otherwise, proceed with normal startup */
conn->allow_ssl_try = false;
conn->status = CONNECTION_MADE;
/* Received error - probably protocol mismatch */
if (conn->Pfdebug)
fprintf(conn->Pfdebug, "Postmaster reports error, attempting fallback to pre-7.0.\n");
- switch (conn->sslmode[0]) {
- case 'r': /* "require" */
- /* Require SSL, but server is too old */
- printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("server does not support SSL, but SSL was required\n"));
- goto error_return;
- case 'a': /* "allow" */
- /*
- * normal startup already failed,
- * so SSL failure means the end
- */
- printfPQExpBuffer(&conn->errorMessage,
- libpq_gettext("server does not support SSL, and previous non-SSL attempt failed\n"));
- goto error_return;
+ if (conn->sslmode[0] == 'r') /* "require" */
+ {
+ /* Require SSL, but server is too old */
+ printfPQExpBuffer(&conn->errorMessage,
+ libpq_gettext("server does not support SSL, but SSL was required\n"));
+ goto error_return;
}
-
/* Otherwise, try again without SSL */
conn->allow_ssl_try = false;
/* Assume it ain't gonna handle protocol 3, either */
#ifdef USE_SSL
/*
- * if sslmode is "allow" and we haven't tried an
- * SSL connection already, then retry with an SSL connection
+ * if sslmode is "allow" and we haven't tried an SSL
+ * connection already, then retry with an SSL connection
*/
- if (conn->wait_ssl_try
+ if (conn->sslmode[0] == 'a' /* "allow" */
&& conn->ssl == NULL
- && conn->allow_ssl_try)
+ && conn->allow_ssl_try
+ && conn->wait_ssl_try)
{
+ /* only retry once */
conn->wait_ssl_try = false;
/* Must drop the old connection */
closesocket(conn->sock);
/*
* if sslmode is "prefer" and we're in an SSL
- * connection and we haven't already tried a non-SSL
- * for "allow", then do a non-SSL retry
+ * connection, then do a non-SSL retry
*/
- if (!conn->wait_ssl_try
+ if (conn->sslmode[0] == 'p' /* "prefer" */
&& conn->ssl
- && conn->allow_ssl_try
- && conn->sslmode[0] == 'p') /* "prefer" */
+ && conn->allow_ssl_try /* redundant? */
+ && !conn->wait_ssl_try) /* redundant? */
{
+ /* only retry once */
conn->allow_ssl_try = false;
/* Must drop the old connection */
pqsecure_close(conn);
closesocket(conn->sock);
conn->sock = -1;
- free(conn->ssl);
conn->status = CONNECTION_NEEDED;
goto keep_going;
}
if (fe_sendauth(areq, conn, conn->pghost, conn->pgpass,
conn->errorMessage.data) != STATUS_OK)
{
-#ifdef USE_SSL
- /*
- * if sslmode is "allow" and we haven't tried an
- * SSL connection already, then retry with an SSL connection
- */
- if (conn->wait_ssl_try
- && conn->ssl == NULL
- && conn->allow_ssl_try)
- {
- conn->wait_ssl_try = false;
- /* Must drop the old connection */
- closesocket(conn->sock);
- conn->sock = -1;
- conn->status = CONNECTION_NEEDED;
- goto keep_going;
- }
-
- /*
- * if sslmode is "prefer" and we're in an SSL
- * connection and we haven't already tried a non-SSL
- * for "allow", then do a non-SSL retry
- */
- if (!conn->wait_ssl_try
- && conn->ssl
- && conn->allow_ssl_try
- && conn->sslmode[0] == 'p') /* "prefer" */
- {
- conn->allow_ssl_try = false;
- /* Must drop the old connection */
- pqsecure_close(conn);
- closesocket(conn->sock);
- conn->sock = -1;
- free(conn->ssl);
- conn->status = CONNECTION_NEEDED;
- goto keep_going;
- }
-#endif
-
conn->errorMessage.len = strlen(conn->errorMessage.data);
goto error_return;
}
static PGconn *
makeEmptyPGconn(void)
{
- PGconn *conn = (PGconn *) malloc(sizeof(PGconn));
+ PGconn *conn;
-/* needed to use the static libpq under windows as well */
#ifdef WIN32
+ /* needed to use the static libpq under windows as well */
WSADATA wsaData;
-#endif
- if (conn == NULL)
- return conn;
-
-#ifdef WIN32
if (WSAStartup(MAKEWORD(1, 1), &wsaData))
- {
- free(conn);
return (PGconn*) NULL;
- }
-
WSASetLastError(0);
-
#endif
+ conn = (PGconn *) malloc(sizeof(PGconn));
+ if (conn == NULL)
+ return conn;
+
/* Zero all pointers and booleans */
MemSet((char *) conn, 0, sizeof(PGconn));
conn->notifyList = DLNewList();
conn->sock = -1;
#ifdef USE_SSL
- conn->allow_ssl_try = TRUE;
+ conn->allow_ssl_try = true;
+ conn->wait_ssl_try = false;
#endif
/*
free(conn->pguser);
if (conn->pgpass)
free(conn->pgpass);
+ if (conn->sslmode)
+ free(conn->sslmode);
/* Note that conn->Pfdebug is not ours to close or free */
if (conn->notifyList)
DLFreeList(conn->notifyList);
projects / postgresql / commitdiff