From 2d6e051bfc46bc5d30cb42c92ffdc2c11c5b7913 Mon Sep 17 00:00:00 2001 From: Alexander Kondakov Date: Fri, 5 Jun 2026 18:17:15 +0300 Subject: [PATCH] Fix sslinfo test behavior and increase info size Commit 5d1833f statrted to use be_tls_* API for SSL information in sslinfo in extensions functions. It trims expected string produced by X509_get_subject_name at NAMEDATALEN (64) length. Vanila postgres does not have tests for sslinfo at all, they were introduced in GPDB. Thus, we could either return the full string or leave the upsteam variant. Since the motivation behind upstream commit is refactoring, we could try to increase the symbol limits. --- contrib/sslinfo/sslinfo.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/contrib/sslinfo/sslinfo.c b/contrib/sslinfo/sslinfo.c index 30cae0bb985e..7bc4ff3e6482 100644 --- a/contrib/sslinfo/sslinfo.c +++ b/contrib/sslinfo/sslinfo.c @@ -297,12 +297,12 @@ PG_FUNCTION_INFO_V1(ssl_client_dn); Datum ssl_client_dn(PG_FUNCTION_ARGS) { - char subject[NAMEDATALEN]; + char subject[2 * NAMEDATALEN]; if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid) PG_RETURN_NULL(); - be_tls_get_peer_subject_name(MyProcPort, subject, NAMEDATALEN); + be_tls_get_peer_subject_name(MyProcPort, subject, sizeof(subject)); if (!*subject) PG_RETURN_NULL(); @@ -324,12 +324,12 @@ PG_FUNCTION_INFO_V1(ssl_issuer_dn); Datum ssl_issuer_dn(PG_FUNCTION_ARGS) { - char issuer[NAMEDATALEN]; + char issuer[2 * NAMEDATALEN]; if (!MyProcPort->ssl_in_use || !MyProcPort->peer_cert_valid) PG_RETURN_NULL(); - be_tls_get_peer_issuer_name(MyProcPort, issuer, NAMEDATALEN); + be_tls_get_peer_issuer_name(MyProcPort, issuer, sizeof(issuer)); if (!*issuer) PG_RETURN_NULL();