Add ssl_cipher() and ssl_version() functions to contrib/sslinfo.

robertmhaas · robertmhaas · commit 6d16902eda62 · 2010-07-27T23:43:42.000Z
Review by Dave Page.
diff --git a/contrib/sslinfo/sslinfo.c b/contrib/sslinfo/sslinfo.c
@@ -4,7 +4,7 @@
  * Written by Victor B. Wagner <vitus@cryptocom.ru>, Cryptocom LTD
  * This file is distributed under BSD-style license.
  *
- * $PostgreSQL: pgsql/contrib/sslinfo/sslinfo.c,v 1.8 2008/11/10 14:57:38 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/sslinfo/sslinfo.c,v 1.9 2010/07/27 23:43:42 rhaas Exp $
  */
 
 #include "postgres.h"
@@ -23,6 +23,8 @@ PG_MODULE_MAGIC;
 
 
 Datum		ssl_is_used(PG_FUNCTION_ARGS);
+Datum		ssl_version(PG_FUNCTION_ARGS);
+Datum		ssl_cipher(PG_FUNCTION_ARGS);
 Datum		ssl_client_cert_present(PG_FUNCTION_ARGS);
 Datum		ssl_client_serial(PG_FUNCTION_ARGS);
 Datum		ssl_client_dn_field(PG_FUNCTION_ARGS);
@@ -48,6 +50,32 @@ ssl_is_used(PG_FUNCTION_ARGS)
 }
 
 
+/*
+ * Returns SSL cipher currently in use.
+ */
+PG_FUNCTION_INFO_V1(ssl_version);
+Datum
+ssl_version(PG_FUNCTION_ARGS)
+{
+	if (MyProcPort->ssl == NULL)
+		PG_RETURN_NULL();
+	PG_RETURN_TEXT_P(cstring_to_text(SSL_get_version(MyProcPort->ssl)));
+}
+
+
+/*
+ * Returns SSL cipher currently in use.
+ */
+PG_FUNCTION_INFO_V1(ssl_cipher);
+Datum
+ssl_cipher(PG_FUNCTION_ARGS)
+{
+	if (MyProcPort->ssl == NULL)
+		PG_RETURN_NULL();
+	PG_RETURN_TEXT_P(cstring_to_text(SSL_get_cipher(MyProcPort->ssl)));
+}
+
+
 /*
  * Indicates whether current client have provided a certificate
  *
diff --git a/contrib/sslinfo/sslinfo.sql.in b/contrib/sslinfo/sslinfo.sql.in
@@ -1,4 +1,4 @@
-/* $PostgreSQL: pgsql/contrib/sslinfo/sslinfo.sql.in,v 1.4 2007/11/13 04:24:29 momjian Exp $ */
+/* $PostgreSQL: pgsql/contrib/sslinfo/sslinfo.sql.in,v 1.5 2010/07/27 23:43:42 rhaas Exp $ */
 
 -- Adjust this setting to control where the objects get created.
 SET search_path = public;
@@ -11,6 +11,14 @@ CREATE OR REPLACE FUNCTION ssl_is_used() RETURNS boolean
 AS 'MODULE_PATHNAME', 'ssl_is_used'
 LANGUAGE C STRICT;
 
+CREATE OR REPLACE FUNCTION ssl_version() RETURNS text
+AS 'MODULE_PATHNAME', 'ssl_version'
+LANGUAGE C STRICT;
+
+CREATE OR REPLACE FUNCTION ssl_cipher() RETURNS text
+AS 'MODULE_PATHNAME', 'ssl_cipher'
+LANGUAGE C STRICT;
+
 CREATE OR REPLACE FUNCTION ssl_client_cert_present() RETURNS boolean
 AS 'MODULE_PATHNAME', 'ssl_client_cert_present'
 LANGUAGE C STRICT;
diff --git a/contrib/sslinfo/uninstall_sslinfo.sql b/contrib/sslinfo/uninstall_sslinfo.sql
@@ -1,10 +1,12 @@
-/* $PostgreSQL: pgsql/contrib/sslinfo/uninstall_sslinfo.sql,v 1.3 2007/11/13 04:24:29 momjian Exp $ */
+/* $PostgreSQL: pgsql/contrib/sslinfo/uninstall_sslinfo.sql,v 1.4 2010/07/27 23:43:42 rhaas Exp $ */
 
 -- Adjust this setting to control where the objects get dropped.
 SET search_path = public;
 
 DROP FUNCTION ssl_client_serial();
 DROP FUNCTION ssl_is_used();
+DROP FUNCTION ssl_cipher();
+DROP FUNCTION ssl_version();
 DROP FUNCTION ssl_client_cert_present();
 DROP FUNCTION ssl_client_dn_field(text);
 DROP FUNCTION ssl_issuer_field(text);
diff --git a/doc/src/sgml/sslinfo.sgml b/doc/src/sgml/sslinfo.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/sslinfo.sgml,v 1.3 2007/12/06 04:12:10 tgl Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/sslinfo.sgml,v 1.4 2010/07/27 23:43:42 rhaas Exp $ -->
 
 <sect1 id="sslinfo">
  <title>sslinfo</title>
@@ -35,6 +35,30 @@ ssl_is_used() returns boolean
     </listitem>
    </varlistentry>
 
+   <varlistentry>
+    <term><function>
+ssl_version() returns text
+    </function></term>
+    <listitem>
+    <para>
+     Returns the name of the protocol used for the SSL connection (e.g. SSLv2,
+     SSLv3, or TLSv1).
+    </para>
+    </listitem>
+   </varlistentry>
+
+   <varlistentry>
+    <term><function>
+ssl_cipher() returns text
+    </function></term>
+    <listitem>
+    <para>
+     Returns the name of the cipher used for the SSL connection
+     (e.g. DHE-RSA-AES256-SHA).
+    </para>
+    </listitem>
+   </varlistentry>
+
    <varlistentry>
     <term><function>
 ssl_client_cert_present() returns boolean
