From 357e4d64f871cccd57390581070c4239465c2eb5 Mon Sep 17 00:00:00 2001 From: Jacob Champion Date: Wed, 17 Jun 2026 09:57:20 -0700 Subject: [PATCH] libpq-oauth: Print libcurl version with OAUTHDEBUG_UNSAFE_TRACE When debugging an OAuth trace, it's helpful to know what version of Curl is in use. The SSL library that Curl is using (which may not be the one in use by libpq) is also relevant, and it's just as easy to get, so print that too. This is being added post-feature-freeze, with RMT approval, in order to fix some tests in the face of an upstream Curl regression. A subsequent commit will make use of it in oauth_validator. Backpatch to 18 as well. Tested-by: Tom Lane Discussion: https://postgr.es/m/CAOYmi%2B%3DkP86t%2BZFFXNQ9G6K4ht7utdmB%3DCzhP%3DZ2wvuBymOTtQ%40mail.gmail.com Backpatch-through: 18 --- src/interfaces/libpq-oauth/oauth-curl.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/src/interfaces/libpq-oauth/oauth-curl.c b/src/interfaces/libpq-oauth/oauth-curl.c index 64b5306372a..70fac3ea243 100644 --- a/src/interfaces/libpq-oauth/oauth-curl.c +++ b/src/interfaces/libpq-oauth/oauth-curl.c @@ -2666,9 +2666,7 @@ initialize_curl(PGconn *conn) * PG_BOOL_YES/NO in cases where that's not the final answer. */ static volatile PGTernaryBool init_successful = PG_BOOL_UNKNOWN; -#if HAVE_THREADSAFE_CURL_GLOBAL_INIT curl_version_info_data *info; -#endif #if !HAVE_THREADSAFE_CURL_GLOBAL_INIT @@ -2716,6 +2714,8 @@ initialize_curl(PGconn *conn) goto done; } + info = curl_version_info(CURLVERSION_NOW); + #if HAVE_THREADSAFE_CURL_GLOBAL_INIT /* @@ -2725,7 +2725,6 @@ initialize_curl(PGconn *conn) * situation), then double-check to make sure the runtime setting agrees, * to try to catch silent downgrades. */ - info = curl_version_info(CURLVERSION_NOW); if (!(info->features & CURL_VERSION_THREADSAFE)) { /* @@ -2742,6 +2741,22 @@ initialize_curl(PGconn *conn) } #endif + if (oauth_unsafe_debugging_enabled()) + { + /* + * Record the version of libcurl and its SSL library when tracing, + * since those are likely to be relevant to network debugging. Neither + * of these strings should be NULL in a useful installation, but + * that's no reason to crash if they are, so provide fallbacks. + * + * Other Curl dependency info might be helpful in the future, too; + * just be sure to check info->age as needed when adding more. + */ + fprintf(stderr, "[libpq] initialized libcurl %s (%s)\n", + info->version ? info->version : "version unknown", + info->ssl_version ? info->ssl_version : "no SSL"); + } + init_successful = PG_BOOL_YES; done: