Fix bogus behavior of PQsslAttribute(conn, "library").

Commit ebc8b7d44 intended to change the behavior of
PQsslAttribute(NULL, "library"), but accidentally also changed
what happens with a non-NULL conn pointer.  Undo that so that
only the intended behavior change happens.  Clarify some
associated documentation.

Per bug #17625 from Heath Lord.  Back-patch to v15.

Discussion: https://postgr.es/m/17625-fc47c78b7d71b534@postgresql.org

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 57bfc8fc714d59f9be7918744b81071d449a1d1d..8908f775df3155fdc70f857faabcf1ccd898772c 100644 (file)
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -2514,8 +2514,9 @@ const char *PQsslAttribute(const PGconn *conn, const char *attribute_name);
 
       
        The list of available attributes varies depending on the SSL library
-       being used, and the type of connection. If an attribute is not
-       available, returns NULL.
+       being used and the type of connection.  Returns NULL if the connection
+       does not use SSL or the specified attribute name is not defined for the
+       library in use.
       
 
       
@@ -2574,12 +2575,15 @@ const char *PQsslAttribute(const PGconn *conn, const char *attribute_name);
 
       
        As a special case, the library attribute may be
-       queried without an existing connection by passing NULL as the
-       conn argument. The historical behavior was to return
-       NULL for any attribute when a NULL conn was provided;
-       client programs needing to differentiate between the newer and older
-       implementations may check the
-       LIBPQ_HAS_SSL_LIBRARY_DETECTION feature macro.
+       queried without a connection by passing NULL as
+       the conn argument.  The result will be the default
+       SSL library name, or NULL if libpq was
+       compiled without any SSL support.  (Prior
+       to PostgreSQL version 15, passing NULL as
+       the conn argument always resulted in NULL.
+       Client programs needing to differentiate between the newer and older
+       implementations of this case may check the
+       LIBPQ_HAS_SSL_LIBRARY_DETECTION feature macro.)
       
      
     
@@ -2588,7 +2592,8 @@ const char *PQsslAttribute(const PGconn *conn, const char *attribute_name);
      PQsslAttributeNamesPQsslAttributeNames
      
       
-       Return an array of SSL attribute names available. The array is terminated by a NULL pointer.
+       Returns an array of SSL attribute names available.
+       The array is terminated by a NULL pointer.
 
 const char * const * PQsslAttributeNames(const PGconn *conn);
 
@@ -2600,8 +2605,10 @@ const char * const * PQsslAttributeNames(const PGconn *conn);
      PQsslStructPQsslStruct
      
       
-       Return a pointer to an SSL-implementation-specific object describing
-       the connection.
+       Returns a pointer to an SSL-implementation-specific object describing
+       the connection.  Returns NULL if the connection is not encrypted
+       or the requested type of object is not available from the connection's
+       SSL implementation.
 
 void *PQsslStruct(const PGconn *conn, const char *struct_name);
 
@@ -2609,8 +2616,9 @@ void *PQsslStruct(const PGconn *conn, const char *struct_name);
       
        The struct(s) available depend on the SSL implementation in use.
        For OpenSSL, there is one struct,
-       available under the name "OpenSSL", and it returns a pointer to the
-       OpenSSL SSL struct.
+       available under the name OpenSSL,
+       and it returns a pointer to
+       OpenSSL's SSL struct.
        To use this function, code along the following lines could be used:
 
 #include 
@@ -2643,7 +2651,7 @@ void *PQsslStruct(const PGconn *conn, const char *struct_name);
      
       
        SSLin libpq
-       Returns the SSL structure used in the connection, or null
+       Returns the SSL structure used in the connection, or NULL
        if SSL is not in use.
 
 


diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c

index aea4661736cb83d25427beefbefd1b3b9e97de9b..74b5c5987a68edb5f6c6c101560cbe0f89955ae1 100644 (file)

--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1745,14 +1745,21 @@ PQsslAttributeNames(PGconn *conn)
 const char *
 PQsslAttribute(PGconn *conn, const char *attribute_name)
 {
-   if (strcmp(attribute_name, "library") == 0)
-       return "OpenSSL";
-
    if (!conn)
+   {
+       /* PQsslAttribute(NULL, "library") reports the default SSL library */
+       if (strcmp(attribute_name, "library") == 0)
+           return "OpenSSL";
        return NULL;
+   }
+
+   /* All attributes read as NULL for a non-encrypted connection */
    if (conn->ssl == NULL)
        return NULL;
 
+   if (strcmp(attribute_name, "library") == 0)
+       return "OpenSSL";
+
    if (strcmp(attribute_name, "key_bits") == 0)
    {
        static char sslbits_str[12];

diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index aea4661736cb83d25427beefbefd1b3b9e97de9b..74b5c5987a68edb5f6c6c101560cbe0f89955ae1 100644 (file)
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1745,14 +1745,21 @@ PQsslAttributeNames(PGconn *conn)
 const char *
 PQsslAttribute(PGconn *conn, const char *attribute_name)
 {
-   if (strcmp(attribute_name, "library") == 0)
-       return "OpenSSL";
-
    if (!conn)
+   {
+       /* PQsslAttribute(NULL, "library") reports the default SSL library */
+       if (strcmp(attribute_name, "library") == 0)
+           return "OpenSSL";
        return NULL;
+   }
+
+   /* All attributes read as NULL for a non-encrypted connection */
    if (conn->ssl == NULL)
        return NULL;
 
+   if (strcmp(attribute_name, "library") == 0)
+       return "OpenSSL";
+
    if (strcmp(attribute_name, "key_bits") == 0)
    {
        static char sslbits_str[12];