postgrespro
diff --git a/‎contrib/sslinfo/Makefile
Lines changed: 1 addition & 1 deletion b/‎contrib/sslinfo/Makefile
Lines changed: 1 addition & 1 deletion
diff --git a/‎contrib/sslinfo/meson.build
Lines changed: 0 additions & 1 deletion b/‎contrib/sslinfo/meson.build
Lines changed: 0 additions & 1 deletion
diff --git a/‎contrib/sslinfo/sslinfo--1.2--1.3.sql
Lines changed: 0 additions & 12 deletions b/‎contrib/sslinfo/sslinfo--1.2--1.3.sql
Lines changed: 0 additions & 12 deletions
diff --git a/‎contrib/sslinfo/sslinfo.c
Lines changed: 0 additions & 67 deletions b/‎contrib/sslinfo/sslinfo.c
Lines changed: 0 additions & 67 deletions
diff --git a/‎contrib/sslinfo/sslinfo.control
Lines changed: 1 addition & 1 deletion b/‎contrib/sslinfo/sslinfo.control
Lines changed: 1 addition & 1 deletion
diff --git a/‎doc/src/sgml/monitoring.sgml
Lines changed: 0 additions & 20 deletions b/‎doc/src/sgml/monitoring.sgml
Lines changed: 0 additions & 20 deletions
diff --git a/‎doc/src/sgml/sslinfo.sgml
Lines changed: 0 additions & 30 deletions b/‎doc/src/sgml/sslinfo.sgml
Lines changed: 0 additions & 30 deletions
diff --git a/‎src/backend/catalog/system_views.sql
Lines changed: 1 addition & 3 deletions b/‎src/backend/catalog/system_views.sql
Lines changed: 1 addition & 3 deletions
diff --git a/‎src/backend/libpq/be-secure-openssl.c
Lines changed: 0 additions & 47 deletions b/‎src/backend/libpq/be-secure-openssl.c
Lines changed: 0 additions & 47 deletions
diff --git a/‎src/backend/utils/activity/backend_status.c
Lines changed: 0 additions & 2 deletions b/‎src/backend/utils/activity/backend_status.c
Lines changed: 0 additions & 2 deletions
diff --git a/‎src/backend/utils/adt/pgstatfuncs.c
Lines changed: 17 additions & 29 deletions b/‎src/backend/utils/adt/pgstatfuncs.c
Lines changed: 17 additions & 29 deletions
@@ -6,7 +6,7 @@ OBJS = \
 	sslinfo.o
 
 EXTENSION = sslinfo
-DATA = sslinfo--1.2--1.3.sql sslinfo--1.2.sql sslinfo--1.1--1.2.sql sslinfo--1.0--1.1.sql
+DATA = sslinfo--1.2.sql sslinfo--1.1--1.2.sql sslinfo--1.0--1.1.sql
 PGFILEDESC = "sslinfo - information about client SSL certificate"
 
 ifdef USE_PGXS
 
@@ -26,7 +26,6 @@ install_data(
   'sslinfo--1.0--1.1.sql',
   'sslinfo--1.1--1.2.sql',
   'sslinfo--1.2.sql',
-  'sslinfo--1.2--1.3.sql',
   'sslinfo.control',
   kwargs: contrib_data_args,
 )
@@ -18,7 +18,6 @@
 #include "libpq/libpq-be.h"
 #include "miscadmin.h"
 #include "utils/builtins.h"
-#include "utils/timestamp.h"
 
 /*
  * On Windows, <wincrypt.h> includes a #define for X509_NAME, which breaks our
@@ -35,7 +34,6 @@ PG_MODULE_MAGIC;
 
 static Datum X509_NAME_field_to_text(X509_NAME *name, text *fieldName);
 static Datum ASN1_STRING_to_text(ASN1_STRING *str);
-static Datum ASN1_TIME_to_timestamp(ASN1_TIME *time);
 
 /*
  * Function context for data persisting over repeated calls.
@@ -227,39 +225,6 @@ X509_NAME_field_to_text(X509_NAME *name, text *fieldName)
 }
 
 
-/*
- * Converts OpenSSL ASN1_TIME structure into timestamp
- *
- * Parameter: time - OpenSSL ASN1_TIME structure.
- *
- * Returns Datum, which can be directly returned from a C language SQL
- * function.
- */
-static Datum
-ASN1_TIME_to_timestamp(ASN1_TIME * time)
-{
-	struct tm	tm_time;
-	struct pg_tm pgtm_time;
-	Timestamp	ts;
-
-	ASN1_TIME_to_tm(time, &tm_time);
-
-	pgtm_time.tm_sec = tm_time.tm_sec;
-	pgtm_time.tm_min = tm_time.tm_min;
-	pgtm_time.tm_hour = tm_time.tm_hour;
-	pgtm_time.tm_mday = tm_time.tm_mday;
-	pgtm_time.tm_mon = tm_time.tm_mon + 1;
-	pgtm_time.tm_year = tm_time.tm_year + 1900;
-
-	if (tm2timestamp(&pgtm_time, 0, NULL, &ts))
-		ereport(ERROR,
-				(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-				 errmsg("failed to convert tm to timestamp")));
-
-	PG_RETURN_TIMESTAMP(ts);
-}
-
-
 /*
  * Returns specified field of client certificate distinguished name
  *
@@ -517,35 +482,3 @@ ssl_extension_info(PG_FUNCTION_ARGS)
 	/* All done */
 	SRF_RETURN_DONE(funcctx);
 }
-
-/*
- * Returns current client certificate notBefore timestamp in
- * timestamp data type
- */
-PG_FUNCTION_INFO_V1(ssl_client_get_notbefore);
-Datum
-ssl_client_get_notbefore(PG_FUNCTION_ARGS)
-{
-	X509	   *cert = MyProcPort->peer;
-
-	if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid)
-		PG_RETURN_NULL();
-
-	return ASN1_TIME_to_timestamp(X509_get_notBefore(cert));
-}
-
-/*
- * Returns current client certificate notAfter timestamp in
- * timestamp data type
- */
-PG_FUNCTION_INFO_V1(ssl_client_get_notafter);
-Datum
-ssl_client_get_notafter(PG_FUNCTION_ARGS)
-{
-	X509	   *cert = MyProcPort->peer;
-
-	if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid)
-		PG_RETURN_NULL();
-
-	return ASN1_TIME_to_timestamp(X509_get_notAfter(cert));
-}
@@ -1,5 +1,5 @@
 # sslinfo extension
 comment = 'information about SSL certificates'
-default_version = '1.3'
+default_version = '1.2'
 module_pathname = '$libdir/sslinfo'
 relocatable = true
@@ -2257,26 +2257,6 @@ SELECT pid, wait_event_type, wait_event FROM pg_stat_activity WHERE wait_event i
        This field is truncated like <structfield>client_dn</structfield>.
       </para></entry>
      </row>
-
-     <row>
-      <entry role="catalog_table_entry"><para role="column_definition">
-       <structfield>not_before</structfield> <type>text</type>
-      </para>
-      <para>
-       Not before UTC timestamp of the client certificate, or NULL if no client
-       certificate was supplied.
-      </para></entry>
-     </row>
-
-     <row>
-      <entry role="catalog_table_entry"><para role="column_definition">
-       <structfield>not_after</structfield> <type>text</type>
-      </para>
-      <para>
-       Not after UTC timestamp of the client certificate, or NULL if no client
-       certificate was supplied.
-      </para></entry>
-     </row>
     </tbody>
    </tgroup>
   </table>
 
@@ -240,36 +240,6 @@ emailAddress
     </para>
     </listitem>
    </varlistentry>
-
-   <varlistentry>
-    <term>
-     <function>ssl_client_get_notbefore() returns text</function>
-     <indexterm>
-      <primary>ssl_client_get_notbefore</primary>
-     </indexterm>
-    </term>
-    <listitem>
-    <para>
-     Return the <structfield>not before</structfield> UTC timestamp of the client
-     certificate.
-    </para>
-    </listitem>
-   </varlistentry>
-
-   <varlistentry>
-    <term>
-     <function>ssl_client_get_notafter() returns text</function>
-     <indexterm>
-      <primary>ssl_client_get_notafter</primary>
-     </indexterm>
-    </term>
-    <listitem>
-    <para>
-     Return the <structfield>not after</structfield> UTC timestamp of the client
-     certificate.
-    </para>
-    </listitem>
-   </varlistentry>
   </variablelist>
  </sect2>
 
 
@@ -970,9 +970,7 @@ CREATE VIEW pg_stat_ssl AS
             S.sslbits AS bits,
             S.ssl_client_dn AS client_dn,
             S.ssl_client_serial AS client_serial,
-            S.ssl_issuer_dn AS issuer_dn,
-            S.ssl_not_before AS not_before,
-            S.ssl_not_after AS not_after
+            S.ssl_issuer_dn AS issuer_dn
     FROM pg_stat_get_activity(NULL) AS S
     WHERE S.client_port IS NOT NULL;
 
 
@@ -36,7 +36,6 @@
 #include "tcop/tcopprot.h"
 #include "utils/builtins.h"
 #include "utils/memutils.h"
-#include "utils/timestamp.h"
 
 /*
  * These SSL-related #includes must come after all system-provided headers.
@@ -73,7 +72,6 @@ static bool initialize_ecdh(SSL_CTX *context, bool isServerStart);
 static const char *SSLerrmessage(unsigned long ecode);
 
 static char *X509_NAME_to_cstring(X509_NAME *name);
-static Timestamp ASN1_TIME_to_timestamp(ASN1_TIME *time);
 
 static SSL_CTX *SSL_context = NULL;
 static bool SSL_initialized = false;
@@ -1408,24 +1406,6 @@ be_tls_get_peer_issuer_name(Port *port, char *ptr, size_t len)
 		ptr[0] = '\0';
 }
 
-void
-be_tls_get_peer_not_before(Port *port, Timestamp *ptr)
-{
-	if (port->peer)
-		*ptr = ASN1_TIME_to_timestamp(X509_get_notBefore(port->peer));
-	else
-		*ptr = 0;
-}
-
-void
-be_tls_get_peer_not_after(Port *port, Timestamp *ptr)
-{
-	if (port->peer)
-		*ptr = ASN1_TIME_to_timestamp(X509_get_notAfter(port->peer));
-	else
-		*ptr = 0;
-}
-
 void
 be_tls_get_peer_serial(Port *port, char *ptr, size_t len)
 {
@@ -1569,33 +1549,6 @@ X509_NAME_to_cstring(X509_NAME *name)
 	return result;
 }
 
-/*
- * Convert an ASN1_TIME to a Timestamp
- */
-static Timestamp
-ASN1_TIME_to_timestamp(ASN1_TIME * time)
-{
-	struct tm	tm_time;
-	struct pg_tm pgtm_time;
-	Timestamp	ts;
-
-	ASN1_TIME_to_tm(time, &tm_time);
-
-	pgtm_time.tm_sec = tm_time.tm_sec;
-	pgtm_time.tm_min = tm_time.tm_min;
-	pgtm_time.tm_hour = tm_time.tm_hour;
-	pgtm_time.tm_mday = tm_time.tm_mday;
-	pgtm_time.tm_mon = tm_time.tm_mon + 1;
-	pgtm_time.tm_year = tm_time.tm_year + 1900;
-
-	if (tm2timestamp(&pgtm_time, 0, NULL, &ts))
-		ereport(ERROR,
-				(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-				 errmsg("timestamp out of range")));
-
-	return ts;
-}
-
 /*
  * Convert TLS protocol version GUC enum to OpenSSL values
  *
 
@@ -367,8 +367,6 @@ pgstat_bestart(void)
 		be_tls_get_peer_subject_name(MyProcPort, lsslstatus.ssl_client_dn, NAMEDATALEN);
 		be_tls_get_peer_serial(MyProcPort, lsslstatus.ssl_client_serial, NAMEDATALEN);
 		be_tls_get_peer_issuer_name(MyProcPort, lsslstatus.ssl_issuer_dn, NAMEDATALEN);
-		be_tls_get_peer_not_before(MyProcPort, &lsslstatus.ssl_not_before);
-		be_tls_get_peer_not_after(MyProcPort, &lsslstatus.ssl_not_after);
 	}
 	else
 	{
 
@@ -303,7 +303,7 @@ pg_stat_get_progress_info(PG_FUNCTION_ARGS)
 Datum
 pg_stat_get_activity(PG_FUNCTION_ARGS)
 {
-#define PG_STAT_GET_ACTIVITY_COLS	33
+#define PG_STAT_GET_ACTIVITY_COLS	31
 	int			num_backends = pgstat_fetch_stat_numbackends();
 	int			curr_backend;
 	int			pid = PG_ARGISNULL(0) ? -1 : PG_GETARG_INT32(0);
@@ -395,7 +395,7 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
 			pfree(clipped_activity);
 
 			/* leader_pid */
-			nulls[31] = true;
+			nulls[29] = true;
 
 			proc = BackendPidGetProc(beentry->st_procpid);
 
@@ -432,17 +432,17 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
 				 */
 				if (leader && leader->pid != beentry->st_procpid)
 				{
-					values[31] = Int32GetDatum(leader->pid);
-					nulls[31] = false;
+					values[29] = Int32GetDatum(leader->pid);
+					nulls[29] = false;
 				}
 				else if (beentry->st_backendType == B_BG_WORKER)
 				{
 					int			leader_pid = GetLeaderApplyWorkerPid(beentry->st_procpid);
 
 					if (leader_pid != InvalidPid)
 					{
-						values[31] = Int32GetDatum(leader_pid);
-						nulls[31] = false;
+						values[29] = Int32GetDatum(leader_pid);
+						nulls[29] = false;
 					}
 				}
 			}
@@ -587,45 +587,35 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
 					values[24] = CStringGetTextDatum(beentry->st_sslstatus->ssl_issuer_dn);
 				else
 					nulls[24] = true;
-
-				if (beentry->st_sslstatus->ssl_not_before != 0)
-					values[25] = TimestampGetDatum(beentry->st_sslstatus->ssl_not_before);
-				else
-					nulls[25] = true;
-
-				if (beentry->st_sslstatus->ssl_not_after != 0)
-					values[26] = TimestampGetDatum(beentry->st_sslstatus->ssl_not_after);
-				else
-					nulls[26] = true;
 			}
 			else
 			{
 				values[18] = BoolGetDatum(false);	/* ssl */
-				nulls[19] = nulls[20] = nulls[21] = nulls[22] = nulls[23] = nulls[24] = nulls[25] = nulls[26] = true;
+				nulls[19] = nulls[20] = nulls[21] = nulls[22] = nulls[23] = nulls[24] = true;
 			}
 
 			/* GSSAPI information */
 			if (beentry->st_gss)
 			{
-				values[27] = BoolGetDatum(beentry->st_gssstatus->gss_auth); /* gss_auth */
-				values[28] = CStringGetTextDatum(beentry->st_gssstatus->gss_princ);
-				values[29] = BoolGetDatum(beentry->st_gssstatus->gss_enc);	/* GSS Encryption in use */
-				values[30] = BoolGetDatum(beentry->st_gssstatus->gss_delegation);	/* GSS credentials
+				values[25] = BoolGetDatum(beentry->st_gssstatus->gss_auth); /* gss_auth */
+				values[26] = CStringGetTextDatum(beentry->st_gssstatus->gss_princ);
+				values[27] = BoolGetDatum(beentry->st_gssstatus->gss_enc);	/* GSS Encryption in use */
+				values[28] = BoolGetDatum(beentry->st_gssstatus->gss_delegation);	/* GSS credentials
 																					 * delegated */
 			}
 			else
 			{
-				values[27] = BoolGetDatum(false);	/* gss_auth */
-				nulls[28] = true;	/* No GSS principal */
-				values[29] = BoolGetDatum(false);	/* GSS Encryption not in
+				values[25] = BoolGetDatum(false);	/* gss_auth */
+				nulls[26] = true;	/* No GSS principal */
+				values[27] = BoolGetDatum(false);	/* GSS Encryption not in
 													 * use */
-				values[30] = BoolGetDatum(false);	/* GSS credentials not
+				values[28] = BoolGetDatum(false);	/* GSS credentials not
 													 * delegated */
 			}
 			if (beentry->st_query_id == 0)
-				nulls[32] = true;
+				nulls[30] = true;
 			else
-				values[32] = UInt64GetDatum(beentry->st_query_id);
+				values[30] = UInt64GetDatum(beentry->st_query_id);
 		}
 		else
 		{
@@ -655,8 +645,6 @@ pg_stat_get_activity(PG_FUNCTION_ARGS)
 			nulls[28] = true;
 			nulls[29] = true;
 			nulls[30] = true;
-			nulls[31] = true;
-			nulls[32] = true;
 		}
 
 		tuplestore_putvalues(rsinfo->setResult, rsinfo->setDesc, values, nulls);
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,6 @@ install_data(`
`26`	`26`	`'sslinfo--1.0--1.1.sql',`
`27`	`27`	`'sslinfo--1.1--1.2.sql',`
`28`	`28`	`'sslinfo--1.2.sql',`
`29`		`- 'sslinfo--1.2--1.3.sql',`
`30`	`29`	`'sslinfo.control',`
`31`	`30`	`kwargs: contrib_data_args,`
`32`	`31`	`)`
Original file line number	Diff line number	Diff line change
`@@ -367,8 +367,6 @@ pgstat_bestart(void)`
`367`	`367`	`be_tls_get_peer_subject_name(MyProcPort, lsslstatus.ssl_client_dn, NAMEDATALEN);`
`368`	`368`	`be_tls_get_peer_serial(MyProcPort, lsslstatus.ssl_client_serial, NAMEDATALEN);`
`369`	`369`	`be_tls_get_peer_issuer_name(MyProcPort, lsslstatus.ssl_issuer_dn, NAMEDATALEN);`
`370`		`- be_tls_get_peer_not_before(MyProcPort, &lsslstatus.ssl_not_before);`
`371`		`- be_tls_get_peer_not_after(MyProcPort, &lsslstatus.ssl_not_after);`
`372`	`370`	`}`
`373`	`371`	`else`
`374`	`372`	`{`