From 9e1cd1e3fec3783b0c4c5164a53a8220595a336b Mon Sep 17 00:00:00 2001 From: Andrey Sokolov Date: Wed, 13 Nov 2024 16:48:44 +0300 Subject: [PATCH 01/10] Implement TLS options for PXF external tables --- external-table/src/pxfutils.h | 33 ++++++++++++++++++++++++--------- 1 file changed, 24 insertions(+), 9 deletions(-) diff --git a/external-table/src/pxfutils.h b/external-table/src/pxfutils.h index db930e5fb3..194b485cb0 100644 --- a/external-table/src/pxfutils.h +++ b/external-table/src/pxfutils.h @@ -28,14 +28,29 @@ const int get_pxf_port(void); /* Returns the namespace (schema) name for a given namespace oid */ char *GetNamespaceName(Oid nsp_oid); -#define PXF_PROFILE "PROFILE" -#define FRAGMENTER "FRAGMENTER" -#define ACCESSOR "ACCESSOR" -#define RESOLVER "RESOLVER" -#define ANALYZER "ANALYZER" -#define ENV_PXF_HOST "PXF_HOST" -#define ENV_PXF_PORT "PXF_PORT" -#define PXF_DEFAULT_HOST "localhost" -#define PXF_DEFAULT_PORT 5888 +#define PXF_PROFILE "PROFILE" +#define FRAGMENTER "FRAGMENTER" +#define ACCESSOR "ACCESSOR" +#define RESOLVER "RESOLVER" +#define ANALYZER "ANALYZER" +#define ENV_PXF_HOST "PXF_HOST" +#define ENV_PXF_PORT "PXF_PORT" +#define ENV_PXF_PROTOCOL "PXF_PROTOCOL" +#define ENV_PXF_SSL_CACERT_PATH "PXF_SSL_CACERT_PATH" +#define ENV_PXF_SSL_CERT "PXF_SSL_CERT" +#define ENV_PXF_SSL_CERT_TYPE "PXF_SSL_CERT_TYPE" +#define ENV_PXF_SSL_KEY "PXF_SSL_KEY" +#define ENV_PXF_SSL_KEYPASSWD "PXF_SSL_KEYPASSWD" +#define ENV_PXF_SSL_VERIFY_PEER "PXF_SSL_VERIFY_PEER" +#define PXF_DEFAULT_HOST "localhost" +#define PXF_DEFAULT_PORT 5888 +#define PXF_DEFAULT_PROTOCOL "http" +#define PXF_DEFAULT_SSL_CACERT_PATH "/home/gpadmin/arenadata_configs/cacert.pem" +#define PXF_DEFAULT_SSL_CERT "client.p12" +#define PXF_DEFAULT_SSL_CERT_TYPE "P12" +#define PXF_DEFAULT_SSL_KEY "" +#define PXF_DEFAULT_SSL_KEYPASSWD "" +#define PXF_DEFAULT_SSL_VERIFY_PEER 1 + #endif /* _PXFUTILS_H_ */ From a714710417367f5f7cebbef2dd18d01ca3020355 Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Mon, 25 Nov 2024 12:36:40 +0300 Subject: [PATCH 02/10] Implementation according to SRS --- external-table/src/libchurl.c | 33 ++++++++++++ external-table/src/pxfbridge.c | 13 ++--- external-table/src/pxfutils.c | 91 ++++++++++++++++++++++++++++++++++ external-table/src/pxfutils.h | 14 +++++- 4 files changed, 143 insertions(+), 8 deletions(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index efc890c31a..101560221e 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -108,6 +108,7 @@ static JsonSemAction nullSemAction = churl_context *churl_new_context(void); static void create_curl_handle(churl_context *context); static void set_curl_option(churl_context *context, CURLoption option, const void *data); +static void set_curl_ssl_options(churl_context *context); static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userdata); static void setup_multi_handle(churl_context *context); static void multi_perform(churl_context *context); @@ -415,11 +416,43 @@ churl_init(const char *url, CHURL_HEADERS headers) set_curl_option(context, CURLOPT_WRITEDATA, context); set_curl_option(context, CURLOPT_HEADERFUNCTION, header_callback); set_curl_option(context, CURLOPT_HEADERDATA, context); + + set_curl_ssl_options(context); + churl_headers_set(context, headers); return (CHURL_HANDLE) context; } +static void +set_curl_ssl_options(churl_context *context) +{ + const char *proto = get_pxf_protocol(); + + if (proto && strcmp(proto, "https") == 0 ) + { + + const char *keypasswd = get_pxf_ssl_keypasswd(); + const char *cacert = get_pxf_ssl_cacert(); // PXF_SSL_CACERT + + set_curl_option(context, CURLOPT_SSLCERT, get_pxf_ssl_cert()); + set_curl_option(context, CURLOPT_SSLKEY, get_pxf_ssl_key()); + + set_curl_option(context, CURLOPT_SSLCERTTYPE, get_pxf_ssl_certtype()); + if (keypasswd != NULL) + { + set_curl_option(context, CURLOPT_SSLKEYPASSWD, keypasswd); + } + + if (cacert != NULL && cacert[0] != '\0') + { + set_curl_option(context, CURLOPT_CAINFO, cacert); + } + + set_curl_option(context, CURLOPT_SSL_VERIFYPEER, (const void *)get_pxf_ssl_verifypeer()); + } +} + CHURL_HANDLE churl_init_upload(const char *url, CHURL_HEADERS headers) { diff --git a/external-table/src/pxfbridge.c b/external-table/src/pxfbridge.c index 80267a04a5..023e389e39 100644 --- a/external-table/src/pxfbridge.c +++ b/external-table/src/pxfbridge.c @@ -230,8 +230,8 @@ static void build_uri_for_cancel(pxfbridge_cancel *cancel) { resetStringInfo(&cancel->uri); - appendStringInfo(&cancel->uri, "http://%s/%s/cancel", - get_authority(), PXF_SERVICE_PREFIX); + appendStringInfo(&cancel->uri, "%s://%s/%s/cancel", + get_pxf_protocol(), get_authority(), PXF_SERVICE_PREFIX); if ((LOG >= log_min_messages) || (LOG >= client_min_messages)) { @@ -248,8 +248,8 @@ static void build_uri_for_read(gphadoop_context *context) { resetStringInfo(&context->uri); - appendStringInfo(&context->uri, "http://%s/%s/read", - get_authority(), PXF_SERVICE_PREFIX); + appendStringInfo(&context->uri, "%s://%s/%s/read", + get_pxf_protocol(), get_authority(), PXF_SERVICE_PREFIX); if ((LOG >= log_min_messages) || (LOG >= client_min_messages)) { @@ -265,8 +265,9 @@ build_uri_for_read(gphadoop_context *context) static void build_uri_for_write(gphadoop_context *context) { - appendStringInfo(&context->uri, "http://%s/%s/write", - get_authority(), PXF_SERVICE_PREFIX); + + appendStringInfo(&context->uri, "%s://%s/%s/write", + get_pxf_protocol(), get_authority(), PXF_SERVICE_PREFIX); if ((LOG >= log_min_messages) || (LOG >= client_min_messages)) { diff --git a/external-table/src/pxfutils.c b/external-table/src/pxfutils.c index c6a01e6ca1..9ef25430c2 100644 --- a/external-table/src/pxfutils.c +++ b/external-table/src/pxfutils.c @@ -76,6 +76,18 @@ get_authority(void) return psprintf("%s:%d", get_pxf_host(), get_pxf_port()); } +const char * +get_pxf_protocol(void) +{ + const char *proto = getenv(ENV_PXF_PROTOCOL); + + if (proto == NULL) { + proto = PXF_DEFAULT_PROTOCOL; + } + + return proto; +} + /* Returns the PXF Host defined in the PXF_HOST * environment variable or the default when undefined */ @@ -116,6 +128,85 @@ get_pxf_port(void) return port; } +const char * +get_pxf_ssl_keypasswd(void) +{ + const char *proto = getenv(ENV_PXF_SSL_KEYPASSWD); + + if (proto == NULL) + { + proto = PXF_DEFAULT_SSL_KEYPASSWD; + } + + return proto; +} + +const char * +get_pxf_ssl_cacert(void) +{ + const char *cacert = getenv(ENV_PXF_SSL_CACERT); + + if (cacert == NULL) + { + cacert = PXF_DEFAULT_SSL_CACERT; + } + + return cacert; +} + +const char * +get_pxf_ssl_cert(void) +{ + const char *cert = getenv(ENV_PXF_SSL_CERT); + + if (cert == NULL) + { + cert = PXF_DEFAULT_SSL_CERT; + } + + return cert; +} + +const char * +get_pxf_ssl_key(void) +{ + const char *key = getenv(ENV_PXF_SSL_KEY); + + if (key == NULL) + { + key = PXF_DEFAULT_SSL_KEY; + } + + return key; +} + +const char * +get_pxf_ssl_certtype(void) +{ + const char *certtype = getenv(ENV_PXF_SSL_CERT_TYPE); + + if (certtype == NULL) + { + certtype = PXF_DEFAULT_SSL_CERT_TYPE; + } + + return certtype; +} + +long +get_pxf_ssl_verifypeer(void) +{ + const char *verify_peer_var = getenv(ENV_PXF_SSL_VERIFY_PEER); + long verifypeer = PXF_DEFAULT_SSL_VERIFY_PEER; + + if (verify_peer_var != NULL) + { + verifypeer = atol(verify_peer_var); + } + + return verifypeer; +} + /* Returns the namespace (schema) name for a given namespace oid */ char * GetNamespaceName(Oid nsp_oid) diff --git a/external-table/src/pxfutils.h b/external-table/src/pxfutils.h index 194b485cb0..d39966a538 100644 --- a/external-table/src/pxfutils.h +++ b/external-table/src/pxfutils.h @@ -12,6 +12,9 @@ char *TypeOidGetTypename(Oid typid); /* Concatenate multiple literal strings using stringinfo */ char *concat(int num_args,...); +/* Get protocol for the PXF server URL */ +const char *get_pxf_protocol(void); + /* Get authority (host:port) for the PXF server URL */ char *get_authority(void); @@ -25,6 +28,13 @@ const char *get_pxf_host(void); */ const int get_pxf_port(void); +const char *get_pxf_ssl_keypasswd(void); +const char *get_pxf_ssl_cacert(void); +const char *get_pxf_ssl_cert(void); +const char *get_pxf_ssl_key(void); +const char *get_pxf_ssl_certtype(void); +long get_pxf_ssl_verifypeer(void); + /* Returns the namespace (schema) name for a given namespace oid */ char *GetNamespaceName(Oid nsp_oid); @@ -36,7 +46,7 @@ char *GetNamespaceName(Oid nsp_oid); #define ENV_PXF_HOST "PXF_HOST" #define ENV_PXF_PORT "PXF_PORT" #define ENV_PXF_PROTOCOL "PXF_PROTOCOL" -#define ENV_PXF_SSL_CACERT_PATH "PXF_SSL_CACERT_PATH" +#define ENV_PXF_SSL_CACERT "PXF_SSL_CACERT" #define ENV_PXF_SSL_CERT "PXF_SSL_CERT" #define ENV_PXF_SSL_CERT_TYPE "PXF_SSL_CERT_TYPE" #define ENV_PXF_SSL_KEY "PXF_SSL_KEY" @@ -45,7 +55,7 @@ char *GetNamespaceName(Oid nsp_oid); #define PXF_DEFAULT_HOST "localhost" #define PXF_DEFAULT_PORT 5888 #define PXF_DEFAULT_PROTOCOL "http" -#define PXF_DEFAULT_SSL_CACERT_PATH "/home/gpadmin/arenadata_configs/cacert.pem" +#define PXF_DEFAULT_SSL_CACERT "/home/gpadmin/arenadata_configs/cacert.pem" #define PXF_DEFAULT_SSL_CERT "client.p12" #define PXF_DEFAULT_SSL_CERT_TYPE "P12" #define PXF_DEFAULT_SSL_KEY "" From ba31ada7e6bf304471d6f14ec12f86b8c178436a Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Mon, 16 Dec 2024 09:20:59 +0500 Subject: [PATCH 03/10] Simplify code according to the review. --- external-table/src/libchurl.c | 3 +- external-table/src/pxfutils.c | 86 ++++++++++++----------------------- 2 files changed, 31 insertions(+), 58 deletions(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 101560221e..51f85a1be0 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -429,9 +429,8 @@ set_curl_ssl_options(churl_context *context) { const char *proto = get_pxf_protocol(); - if (proto && strcmp(proto, "https") == 0 ) + if (proto && strcmp(proto, "https") == 0) { - const char *keypasswd = get_pxf_ssl_keypasswd(); const char *cacert = get_pxf_ssl_cacert(); // PXF_SSL_CACERT diff --git a/external-table/src/pxfutils.c b/external-table/src/pxfutils.c index 9ef25430c2..d74ce504dc 100644 --- a/external-table/src/pxfutils.c +++ b/external-table/src/pxfutils.c @@ -8,6 +8,9 @@ #include "utils/formatting.h" #include "utils/syscache.h" +static const char *getenv_char(const char *name, const char *default_value); +static long getenv_long(const char *name, long default_value); + /* * Full name of the HEADER KEY expected by the PXF service * Converts input string to upper case and prepends "X-GP-OPTIONS-" string @@ -69,6 +72,26 @@ concat(int num_args,...) return str.data; } +static const char* +getenv_char(const char *name, const char *default_value) +{ + const char *value = getenv(name); + if (value == NULL) + return default_value; + + return value; +} + +static long +getenv_long(const char *name, long default_value) +{ + const char *value = getenv(name); + if (value == NULL) + return default_value; + + return atol(value); +} + /* Get authority (host:port) for the PXF server URL */ char * get_authority(void) @@ -79,13 +102,7 @@ get_authority(void) const char * get_pxf_protocol(void) { - const char *proto = getenv(ENV_PXF_PROTOCOL); - - if (proto == NULL) { - proto = PXF_DEFAULT_PROTOCOL; - } - - return proto; + return getenv_char(ENV_PXF_PROTOCOL, PXF_DEFAULT_PROTOCOL); } /* Returns the PXF Host defined in the PXF_HOST @@ -131,80 +148,37 @@ get_pxf_port(void) const char * get_pxf_ssl_keypasswd(void) { - const char *proto = getenv(ENV_PXF_SSL_KEYPASSWD); - - if (proto == NULL) - { - proto = PXF_DEFAULT_SSL_KEYPASSWD; - } - - return proto; + return getenv_char(ENV_PXF_SSL_KEYPASSWD, PXF_DEFAULT_SSL_KEYPASSWD); } const char * get_pxf_ssl_cacert(void) { - const char *cacert = getenv(ENV_PXF_SSL_CACERT); - - if (cacert == NULL) - { - cacert = PXF_DEFAULT_SSL_CACERT; - } - - return cacert; + return getenv_char(ENV_PXF_SSL_CACERT, PXF_DEFAULT_SSL_CACERT); } const char * get_pxf_ssl_cert(void) { - const char *cert = getenv(ENV_PXF_SSL_CERT); - - if (cert == NULL) - { - cert = PXF_DEFAULT_SSL_CERT; - } - - return cert; + return getenv_char(ENV_PXF_SSL_CERT, PXF_DEFAULT_SSL_CERT); } const char * get_pxf_ssl_key(void) { - const char *key = getenv(ENV_PXF_SSL_KEY); - - if (key == NULL) - { - key = PXF_DEFAULT_SSL_KEY; - } - - return key; + return getenv_char(ENV_PXF_SSL_KEY, PXF_DEFAULT_SSL_KEY); } const char * get_pxf_ssl_certtype(void) { - const char *certtype = getenv(ENV_PXF_SSL_CERT_TYPE); - - if (certtype == NULL) - { - certtype = PXF_DEFAULT_SSL_CERT_TYPE; - } - - return certtype; + return getenv_char(ENV_PXF_SSL_CERT_TYPE, PXF_DEFAULT_SSL_CERT_TYPE); } long get_pxf_ssl_verifypeer(void) { - const char *verify_peer_var = getenv(ENV_PXF_SSL_VERIFY_PEER); - long verifypeer = PXF_DEFAULT_SSL_VERIFY_PEER; - - if (verify_peer_var != NULL) - { - verifypeer = atol(verify_peer_var); - } - - return verifypeer; + return getenv_long(ENV_PXF_SSL_VERIFY_PEER, PXF_DEFAULT_SSL_VERIFY_PEER); } /* Returns the namespace (schema) name for a given namespace oid */ From e8f5602efa76f901bd2459aedcc17e1d116c4b12 Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Fri, 20 Dec 2024 09:26:40 +0500 Subject: [PATCH 04/10] Changes according to the review --- external-table/src/libchurl.c | 2 +- external-table/src/pxfutils.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 51f85a1be0..981ba38494 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -448,7 +448,7 @@ set_curl_ssl_options(churl_context *context) set_curl_option(context, CURLOPT_CAINFO, cacert); } - set_curl_option(context, CURLOPT_SSL_VERIFYPEER, (const void *)get_pxf_ssl_verifypeer()); + set_curl_option(context, CURLOPT_SSL_VERIFYPEER, (const void *) get_pxf_ssl_verifypeer()); } } diff --git a/external-table/src/pxfutils.h b/external-table/src/pxfutils.h index d39966a538..1ac5ddbd85 100644 --- a/external-table/src/pxfutils.h +++ b/external-table/src/pxfutils.h @@ -56,8 +56,8 @@ char *GetNamespaceName(Oid nsp_oid); #define PXF_DEFAULT_PORT 5888 #define PXF_DEFAULT_PROTOCOL "http" #define PXF_DEFAULT_SSL_CACERT "/home/gpadmin/arenadata_configs/cacert.pem" -#define PXF_DEFAULT_SSL_CERT "client.p12" -#define PXF_DEFAULT_SSL_CERT_TYPE "P12" +#define PXF_DEFAULT_SSL_CERT "client.pem" +#define PXF_DEFAULT_SSL_CERT_TYPE "pem" #define PXF_DEFAULT_SSL_KEY "" #define PXF_DEFAULT_SSL_KEYPASSWD "" #define PXF_DEFAULT_SSL_VERIFY_PEER 1 From b541a24d86d1edf1b237749f83632e287b36367e Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Fri, 20 Dec 2024 10:42:10 +0500 Subject: [PATCH 05/10] Fix whitespaces --- external-table/src/libchurl.c | 4 ++-- external-table/src/pxfbridge.c | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 981ba38494..8150600c9c 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -438,12 +438,12 @@ set_curl_ssl_options(churl_context *context) set_curl_option(context, CURLOPT_SSLKEY, get_pxf_ssl_key()); set_curl_option(context, CURLOPT_SSLCERTTYPE, get_pxf_ssl_certtype()); - if (keypasswd != NULL) + if (keypasswd != NULL) { set_curl_option(context, CURLOPT_SSLKEYPASSWD, keypasswd); } - if (cacert != NULL && cacert[0] != '\0') + if (cacert != NULL && cacert[0] != '\0') { set_curl_option(context, CURLOPT_CAINFO, cacert); } diff --git a/external-table/src/pxfbridge.c b/external-table/src/pxfbridge.c index 023e389e39..65eda8ea1e 100644 --- a/external-table/src/pxfbridge.c +++ b/external-table/src/pxfbridge.c @@ -265,7 +265,6 @@ build_uri_for_read(gphadoop_context *context) static void build_uri_for_write(gphadoop_context *context) { - appendStringInfo(&context->uri, "%s://%s/%s/write", get_pxf_protocol(), get_authority(), PXF_SERVICE_PREFIX); From b99da4168480aecc87a0a36f4d3ef32b94870096 Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Mon, 23 Dec 2024 09:55:06 +0500 Subject: [PATCH 06/10] Use ternary operator just like in get_pxf_host in response to the review --- external-table/src/pxfutils.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/external-table/src/pxfutils.c b/external-table/src/pxfutils.c index d74ce504dc..37f59bd8f7 100644 --- a/external-table/src/pxfutils.c +++ b/external-table/src/pxfutils.c @@ -76,20 +76,16 @@ static const char* getenv_char(const char *name, const char *default_value) { const char *value = getenv(name); - if (value == NULL) - return default_value; - - return value; + + return value ? value : default_value; } static long getenv_long(const char *name, long default_value) { const char *value = getenv(name); - if (value == NULL) - return default_value; - return atol(value); + return value ? atol(value) : default_value; } /* Get authority (host:port) for the PXF server URL */ From 31e44f9b6bfb60a173b84480a6b5aca2ee62842b Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Tue, 24 Dec 2024 12:46:34 +0500 Subject: [PATCH 07/10] Remove extra comment --- external-table/src/libchurl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 8150600c9c..4a41f24286 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -432,7 +432,7 @@ set_curl_ssl_options(churl_context *context) if (proto && strcmp(proto, "https") == 0) { const char *keypasswd = get_pxf_ssl_keypasswd(); - const char *cacert = get_pxf_ssl_cacert(); // PXF_SSL_CACERT + const char *cacert = get_pxf_ssl_cacert(); set_curl_option(context, CURLOPT_SSLCERT, get_pxf_ssl_cert()); set_curl_option(context, CURLOPT_SSLKEY, get_pxf_ssl_key()); From 32176880384505d983b9eba7996b120b36df80f5 Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Tue, 24 Dec 2024 15:21:57 +0500 Subject: [PATCH 08/10] Remove redundant empty line --- external-table/src/pxfutils.h | 1 - 1 file changed, 1 deletion(-) diff --git a/external-table/src/pxfutils.h b/external-table/src/pxfutils.h index 1ac5ddbd85..a622964f1d 100644 --- a/external-table/src/pxfutils.h +++ b/external-table/src/pxfutils.h @@ -62,5 +62,4 @@ char *GetNamespaceName(Oid nsp_oid); #define PXF_DEFAULT_SSL_KEYPASSWD "" #define PXF_DEFAULT_SSL_VERIFY_PEER 1 - #endif /* _PXFUTILS_H_ */ From 16ead7533f589a184ac1cd1ae116cead176432d1 Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Tue, 24 Dec 2024 15:44:59 +0500 Subject: [PATCH 09/10] Remove extra check for keypasswd as it can not be NULL --- external-table/src/libchurl.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 4a41f24286..681acd904d 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -431,17 +431,13 @@ set_curl_ssl_options(churl_context *context) if (proto && strcmp(proto, "https") == 0) { - const char *keypasswd = get_pxf_ssl_keypasswd(); const char *cacert = get_pxf_ssl_cacert(); set_curl_option(context, CURLOPT_SSLCERT, get_pxf_ssl_cert()); set_curl_option(context, CURLOPT_SSLKEY, get_pxf_ssl_key()); set_curl_option(context, CURLOPT_SSLCERTTYPE, get_pxf_ssl_certtype()); - if (keypasswd != NULL) - { - set_curl_option(context, CURLOPT_SSLKEYPASSWD, keypasswd); - } + set_curl_option(context, CURLOPT_SSLKEYPASSWD, get_pxf_ssl_keypasswd()); if (cacert != NULL && cacert[0] != '\0') { From 7b96b0cfb9d2156b97f05e2978ed2f63825fc43c Mon Sep 17 00:00:00 2001 From: Denis Kovalev Date: Tue, 24 Dec 2024 15:47:45 +0500 Subject: [PATCH 10/10] Change CURLOPT_SSLKEYPASSWD to CURLOPT_KEYPASSWD as it more recent --- external-table/src/libchurl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/external-table/src/libchurl.c b/external-table/src/libchurl.c index 681acd904d..14c8a77b46 100644 --- a/external-table/src/libchurl.c +++ b/external-table/src/libchurl.c @@ -437,7 +437,7 @@ set_curl_ssl_options(churl_context *context) set_curl_option(context, CURLOPT_SSLKEY, get_pxf_ssl_key()); set_curl_option(context, CURLOPT_SSLCERTTYPE, get_pxf_ssl_certtype()); - set_curl_option(context, CURLOPT_SSLKEYPASSWD, get_pxf_ssl_keypasswd()); + set_curl_option(context, CURLOPT_KEYPASSWD, get_pxf_ssl_keypasswd()); if (cacert != NULL && cacert[0] != '\0') {