Mercurial > hg > orthanc-databases
changeset 81:515a783630df
injecting fix to issue #105 into the mainline
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Thu, 10 Jan 2019 13:32:34 +0100 |
parents | 714c5d2bee76 |
children | 122f22550521 ff2d56d37bfd |
files | Framework/PostgreSQL/PostgreSQLParameters.cpp Framework/PostgreSQL/PostgreSQLParameters.h PostgreSQL/NEWS Resources/CMake/DatabasesFrameworkConfiguration.cmake Resources/CMake/PostgreSQLConfiguration.cmake |
diffstat | 5 files changed, 34 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/Framework/PostgreSQL/PostgreSQLParameters.cpp Mon Dec 24 13:35:26 2018 +0100 +++ b/Framework/PostgreSQL/PostgreSQLParameters.cpp Thu Jan 10 13:32:34 2019 +0100 @@ -37,6 +37,7 @@ password_ = ""; database_.clear(); uri_.clear(); + ssl_ = false; lock_ = true; } @@ -84,6 +85,8 @@ { SetPassword(s); } + + ssl_ = configuration.GetBooleanValue("EnableSsl", false); } lock_ = configuration.GetBooleanValue("Lock", true); // Use locking by default @@ -174,7 +177,11 @@ { if (uri_.empty()) { - target = std::string("sslmode=disable") + // TODO WHY SSL DOES NOT WORK? ("SSL error: wrong version number") + // Note about SSL: "require" means that "I want my data to be + // encrypted, and I accept the overhead. I trust that the + // network will make sure I always connect to the server I want." + // https://www.postgresql.org/docs/current/libpq-ssl.html + target = std::string(ssl_ ? "sslmode=require" : "sslmode=disable") + " user=" + username_ + " host=" + host_ + " port=" + boost::lexical_cast<std::string>(port_);
--- a/Framework/PostgreSQL/PostgreSQLParameters.h Mon Dec 24 13:35:26 2018 +0100 +++ b/Framework/PostgreSQL/PostgreSQLParameters.h Thu Jan 10 13:32:34 2019 +0100 @@ -38,6 +38,7 @@ std::string password_; std::string database_; std::string uri_; + bool ssl_; bool lock_; void Reset(); @@ -91,6 +92,16 @@ return database_; } + void SetSsl(bool ssl) + { + ssl_ = ssl; + } + + bool IsSsl() const + { + return ssl_; + } + void SetLock(bool lock) { lock_ = lock;
--- a/PostgreSQL/NEWS Mon Dec 24 13:35:26 2018 +0100 +++ b/PostgreSQL/NEWS Thu Jan 10 13:32:34 2019 +0100 @@ -1,6 +1,8 @@ Pending changes in the mainline =============================== +* New configuration option: "EnableSsl" +* Fix issue 105 (Unable to connect to PostgreSQL database using SSL) * Fix Debian issue #906771 (Uncaught exception prevents db intialization (likely related to pg_trgm)) * Fix: Catching exceptions in destructors
--- a/Resources/CMake/DatabasesFrameworkConfiguration.cmake Mon Dec 24 13:35:26 2018 +0100 +++ b/Resources/CMake/DatabasesFrameworkConfiguration.cmake Thu Jan 10 13:32:34 2019 +0100 @@ -27,6 +27,7 @@ endif() if (ENABLE_POSTGRESQL_BACKEND) + set(ENABLE_CRYPTO_OPTIONS ON) set(ENABLE_SSL ON) set(ENABLE_ZLIB ON) endif()
--- a/Resources/CMake/PostgreSQLConfiguration.cmake Mon Dec 24 13:35:26 2018 +0100 +++ b/Resources/CMake/PostgreSQLConfiguration.cmake Thu Jan 10 13:32:34 2019 +0100 @@ -230,6 +230,12 @@ endif() + if (ENABLE_SSL) + set(HAVE_LIBSSL 1) + set(HAVE_SSL_GET_CURRENT_COMPRESSION 1) + set(USE_OPENSSL 1) + endif() + execute_process( COMMAND ${PYTHON_EXECUTABLE} @@ -299,6 +305,12 @@ ${LIBPQ_SOURCES_DIR}/src/backend/utils/mb/wchar.c ) + if (ENABLE_SSL) + list(APPEND LIBPQ_SOURCES + ${LIBPQ_SOURCES_DIR}/src/interfaces/libpq/fe-secure-openssl.c + ) + endif() + if (CMAKE_SYSTEM_NAME STREQUAL "Linux") LIST(APPEND LIBPQ_SOURCES