diff options
| author | Magnus Hagander <magnus@hagander.net> | 2011-11-28 13:13:42 +0100 |
|---|---|---|
| committer | Magnus Hagander <magnus@hagander.net> | 2011-11-28 13:13:42 +0100 |
| commit | 64aea1ebc70dc597b79e2f7f4451472510a1e9bf (patch) | |
| tree | 3cb08879f2083258aa694fe981d56dd30d44349b /src | |
| parent | dd3bab5fd74db009c946278bb314c8458a2fef11 (diff) | |
Add libpq connection option to disable SSL compression
This can be used to remove the overhead of SSL compression on
fast networks.
Laurenz Albe
Diffstat (limited to 'src')
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 5 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 10 | ||||
| -rw-r--r-- | src/interfaces/libpq/libpq-int.h | 1 |
3 files changed, 16 insertions, 0 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index ed9dce941e1..50f3f83aaeb 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -222,6 +222,9 @@ static const PQconninfoOption PQconninfoOptions[] = { {"sslmode", "PGSSLMODE", DefaultSSLMode, NULL, "SSL-Mode", "", 8}, /* sizeof("disable") == 8 */ + {"sslcompression", "PGSSLCOMPRESSION", "1", NULL, + "SSL-Compression", "", 1}, + {"sslcert", "PGSSLCERT", NULL, NULL, "SSL-Client-Cert", "", 64}, @@ -621,6 +624,8 @@ fillPGconn(PGconn *conn, PQconninfoOption *connOptions) conn->keepalives_count = tmp ? strdup(tmp) : NULL; tmp = conninfo_getval(connOptions, "sslmode"); conn->sslmode = tmp ? strdup(tmp) : NULL; + tmp = conninfo_getval(connOptions, "sslcompression"); + conn->sslcompression = tmp ? strdup(tmp) : NULL; tmp = conninfo_getval(connOptions, "sslkey"); conn->sslkey = tmp ? strdup(tmp) : NULL; tmp = conninfo_getval(connOptions, "sslcert"); diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 9c6ced6a828..c6963bed948 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -1292,6 +1292,16 @@ initialize_SSL(PGconn *conn) } } + /* + * If the OpenSSL version used supports it (from 1.0.0 on) + * and the user requested it, disable SSL compression. + */ +#ifdef SSL_OP_NO_COMPRESSION + if (conn->sslcompression && conn->sslcompression[0] == '0') { + SSL_set_options(conn->ssl, SSL_OP_NO_COMPRESSION); + } +#endif + return 0; } diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index d56ef5d489b..64dfcb27fb1 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -310,6 +310,7 @@ struct pg_conn char *keepalives_count; /* maximum number of TCP keepalive * retransmits */ char *sslmode; /* SSL mode (require,prefer,allow,disable) */ + char *sslcompression; /* SSL compression (0 or 1) */ char *sslkey; /* client key filename */ char *sslcert; /* client certificate filename */ char *sslrootcert; /* root certificate filename */ |