Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wJysv-000T02-1u for pgsql-hackers@arkaria.postgresql.org; Mon, 04 May 2026 19:23:17 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wJysu-008Vr1-0g for pgsql-hackers@arkaria.postgresql.org; Mon, 04 May 2026 19:23:16 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wJyst-008Vqs-2w for pgsql-hackers@lists.postgresql.org; Mon, 04 May 2026 19:23:15 +0000 Received: from sss.pgh.pa.us ([68.162.161.243]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wJysr-00000000BpZ-1vXU for pgsql-hackers@lists.postgresql.org; Mon, 04 May 2026 19:23:15 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.18.1/8.18.1) with ESMTP id 644JMb0B359139; Mon, 4 May 2026 15:22:37 -0400 From: Tom Lane To: Daniel Gustafsson cc: Zsolt Parragi , Michael Banck , Jacob Champion , Jelte Fennema-Nio , Heikki Linnakangas , "li.evan.chao" , Michael Paquier , Andres Freund , Pgsql Hackers Subject: Re: Serverside SNI support in libpq In-reply-to: <1CEF92A7-B41A-46A2-BEBA-34307BFE594B@yesql.se> References: <1C38F269-E552-4F78-9E88-E91CEDB12F35@yesql.se> <23D19F69-A8DE-4F89-99F6-5FC48762CE4D@yesql.se> <561BF011-1626-43A5-BD82-913E67EEBA8B@yesql.se> <7DA91781-AA47-447A-BA6F-99FE7E83954E@yesql.se> <1CEF92A7-B41A-46A2-BEBA-34307BFE594B@yesql.se> Comments: In-reply-to Daniel Gustafsson message dated "Thu, 19 Mar 2026 11:38:22 +0100" MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----- =_aaaaaaaaaa0" Content-ID: <359118.1777922543.0@sss.pgh.pa.us> Date: Mon, 04 May 2026 15:22:37 -0400 Message-ID: <359138.1777922557@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk ------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <359118.1777922543.1@sss.pgh.pa.us> In preparation for our annual pgindent update, I checked what happens when I install the buildfarm's version of typedefs.list, and I found that the typedef HostsFileLoadResult (from 4f433025f) gets misformatted because it's not in the buildfarm's list. That's because the buildfarm mechanism only captures typedefs that are used to declare some object (variable, function, field) and this one isn't. It seems quite odd to me that load_host(), which in fact returns HostsFileLoadResult codes, is declared to return int. That seems to have been done because HostsFileLoadResult wasn't declared in the same header, but there is no visible reason why it shouldn't be. Any objection to the attached fixup? As a side matter, "load_host" seems like a remarkably generic name that conveys little about what it actually does, and to the extent that it does convey anything the implication is wrong: it returns (potentially) info about multiple hosts not just one. Can't we do better? regards, tom lane ------- =_aaaaaaaaaa0 Content-Type: text/x-diff; name="declare-load_host-more-honestly.patch"; charset="us-ascii" Content-ID: <359118.1777922543.2@sss.pgh.pa.us> Content-Description: declare-load_host-more-honestly.patch Content-Transfer-Encoding: quoted-printable diff --git a/src/backend/libpq/be-secure-common.c b/src/backend/libpq/be-s= ecure-common.c index ad04bedaa1d..6ec887b8a47 100644 --- a/src/backend/libpq/be-secure-common.c +++ b/src/backend/libpq/be-secure-common.c @@ -361,7 +361,7 @@ parse_hosts_line(TokenizedAuthLine *tok_line, int elev= el) * the hosts configuration failed to load, the err_msg variable may have = more * information in case it was passed as non-NULL. */ -int +HostsFileLoadResult load_hosts(List **hosts, char **err_msg) { FILE *file; diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-= secure-openssl.c index f64b2787f66..b978497b5d4 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -156,7 +156,7 @@ be_tls_init(bool isServerStart) MemoryContext host_memcxt =3D NULL; MemoryContextCallback *host_memcxt_cb; char *err_msg =3D NULL; - int res; + HostsFileLoadResult res; struct hosts *new_hosts; SSL_CTX *context =3D NULL; int ssl_ver_min =3D -1; diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h index 29e2a6c5b3d..4aa6258a345 100644 --- a/src/include/libpq/hba.h +++ b/src/include/libpq/hba.h @@ -165,15 +165,6 @@ typedef struct HostsLine void *ssl_ctx; /* associated SSL_CTX* for the above settings */ } HostsLine; = -typedef enum HostsFileLoadResult -{ - HOSTSFILE_LOAD_OK =3D 0, - HOSTSFILE_LOAD_FAILED, - HOSTSFILE_EMPTY, - HOSTSFILE_MISSING, - HOSTSFILE_DISABLED, -} HostsFileLoadResult; - /* * TokenizedAuthLine represents one line lexed from an authentication * configuration file. Each item in the "fields" list is a sub-list of diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h index c9b934d2321..d15073a0a93 100644 --- a/src/include/libpq/libpq.h +++ b/src/include/libpq/libpq.h @@ -156,6 +156,15 @@ enum ssl_protocol_versions PG_TLS1_3_VERSION, }; = +typedef enum HostsFileLoadResult +{ + HOSTSFILE_LOAD_OK =3D 0, + HOSTSFILE_LOAD_FAILED, + HOSTSFILE_EMPTY, + HOSTSFILE_MISSING, + HOSTSFILE_DISABLED, +} HostsFileLoadResult; + /* * prototypes for functions in be-secure-common.c */ @@ -164,6 +173,6 @@ extern int run_ssl_passphrase_command(const char *cmd,= const char *prompt, char *buf, int size); extern bool check_ssl_key_file_permissions(const char *ssl_key_file, bool isServerStart); -extern int load_hosts(List **hosts, char **err_msg); +extern HostsFileLoadResult load_hosts(List **hosts, char **err_msg); = #endif /* LIBPQ_H */ ------- =_aaaaaaaaaa0--