Hello!
I am developing an application with ZeosLib version 7.2.14 stable. Now you may say - it is wrong place to wrote the message, but i think it also belongs here. I am using libpq 15 with libssl 3.08 manually compiled under 32-bit visual studio with -MT option. My connection includes ed448 private/public keys & certificates signed by external CA. Pkey is stored in pkcs#8 format using scrypt, aes256 and other stuff with a _passphrase_.
Now normally there is psql parameter `sslpassword` with can be used to supply passphrase. As I searched throught source code I found method TZPostgreSQLConnection.BuildConnectStr, where there is no such parameter. As I looked over current master branch (https://github.com/frones/ZeosLib/blob/ ... l.pas#L764) there is no such parameter either.
1. Is this parameter emulated in some other way that I simply overlooked in newest version of Zeos?
2. If No, it there a plan to add it there?
3. There are many more parameters described in https://www.postgresql.org/docs/current ... nnect.html. Does Developers plan to add some of them (maybe a subset that makes a sense)?
4. As I stumbled over this https://severalnines.com/blog/overview- ... arameters/ do you plan to provide an interface to PQsetSSLKeyPassHook_OpenSSL?
As this is my first and rather lenghty post here, please forgive if i did not fully adhere to forum rules/guidelines. Kind regards.
PostgreSQL sslpassword
-
- Platinum Boarder
- Posts: 1967
- Joined: 17.01.2011, 14:17
Re: PostgreSQL sslpassword
Hello
I am sorry for my late response.
This parameter isn't emulated in any other way.
There is an idea of building a kinda wildcard mechanism for using PostgreSQL parameters. But I didn't implement tthat yet.
Best regards,
Jan
I am sorry for my late response.
We currently don't have that parameter but it should be simple to add.
1. Is this parameter emulated in some other way that I simply overlooked in newest version of Zeos?[/quote]This isn't an offical repo. The more or less official repos are at https://github.com/marsupilami79/zeoslib.Scalmax wrote: ↑04.05.2023, 15:37 As I looked over current master branch (https://github.com/frones/ZeosLib/blob/master/src/dbc/ZDbcPostgreSql.pas#L764)
This parameter isn't emulated in any other way.
Yes - I planned this right now Should be done durung the next days.2. If No, it there a plan to add it there?
The problem here is that this really is a lot of work. So we add parameters on a per request basis. Also there is no definitive set of parameters to add since extensions to PostgreSQL may add new parameters.3. There are many more parameters described in https://www.postgresql.org/docs/current/libpq-connect.html. Does Developers plan to add some of them (maybe a subset that makes a sense)?
There is an idea of building a kinda wildcard mechanism for using PostgreSQL parameters. But I didn't implement tthat yet.
Most probably we will not add this. Currently I am unsure how this would integrate with the current structure of Zeos. Maybe it could be added as a special extension on the DBC layer.4. As I stumbled over this https://severalnines.com/blog/overview-postgresql-13-libpq-sslpassword-connection-parameters/ do you plan to provide an interface to PQsetSSLKeyPassHook_OpenSSL?
Best regards,
Jan
Re: PostgreSQL sslpassword
Hello,
Thank you for answer. I planned to add those parameters myself ealier with pull request, but i did not know if you really want to have them inside zeos. I dug thu some code to find place where i think they should be added. Then I looked over subforum, where users add adhoc fixes, but lack of time and other things made me forget about this.
It's time to set account on github and start pushing...
Thank you for answer. I planned to add those parameters myself ealier with pull request, but i did not know if you really want to have them inside zeos. I dug thu some code to find place where i think they should be added. Then I looked over subforum, where users add adhoc fixes, but lack of time and other things made me forget about this.
It's time to set account on github and start pushing...
-
- Platinum Boarder
- Posts: 1967
- Joined: 17.01.2011, 14:17
Re: PostgreSQL sslpassword
Hello
Best regards,
Jan
We like contributions
I assume this happens in ZdbcPostgresql.pas. There should be a place where we check the parameters for certificate file locations. That should be the best place to also add the password option.
I will be happy to apply patches. Please keep in mind that the copy on Github is only a mirror. If you issue a pull request, I will apply the patch to our Subversion repository and from there it will be sent to Github.
Best regards,
Jan
Re: PostgreSQL sslpassword
I created patch using diff. File is in the attachment. Source code is taken from:
https://sourceforge.net/p/zeoslib/code- ... 0-patches/
https://sourceforge.net/p/zeoslib/code- ... 0-patches/
You do not have the required permissions to view the files attached to this post.
-
- Platinum Boarder
- Posts: 1967
- Joined: 17.01.2011, 14:17
Re: PostgreSQL sslpassword
I applied your patches, so I think, this is redundant?
Re: PostgreSQL sslpassword
Yes, it it redundant.
Note for future readers: Due to merged pull requests, this thread is ready for being locked and archived in my opinion.
Note for future readers: Due to merged pull requests, this thread is ready for being locked and archived in my opinion.
-
- Platinum Boarder
- Posts: 1967
- Joined: 17.01.2011, 14:17
Re: PostgreSQL sslpassword
Locked