From 31ae87c33296215681f4bd4e1db5ec9e591ab947 Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Thu, 23 Sep 2004 13:16:02 +0000
Subject: [PATCH] This patch attempts to note the use of the root.crt file in
 the server. Given that PostgreSQL will output a message complaining about
 it's absence if you're using SSL mode, I feel it's important that it gets a
 mention in the documentation at some point.

Dominic Mitchell
---
 doc/src/sgml/runtime.sgml | 20 +++++++++++++++++++-
 src/include/c.h           |  9 ++++++---
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 831bd1acce..ff437bad35 100644
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.282 2004/09/22 03:55:24 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.283 2004/09/23 13:15:57 momjian Exp $
 -->
 
 <Chapter Id="runtime">
@@ -4358,6 +4358,24 @@ chmod og-rwx server.key
    to turn the certificate into a self-signed certificate and to copy the
    key and certificate to where the server will look for them.
   </para>
+
+  <para>
+   If verification of client certificates is required, place the
+   certificates of the <acronym>CA</acronym> you wish to check for in
+   the file <filename>root.crt</filename> in the data directory.  When
+   present, a client certificate will be requested from the client
+   making the connection and it must have been signed by one of the
+   certificates present in <filename>root.crt</filename>.  If no
+   certificate is presented, the connection will be allowed to proceed
+   anway.
+  </para>
+
+  <para>
+   The <filename>root.crt</filename> file is always checked for, and
+   its absence will be noted through a message in the log.  This is
+   merely an informative message that client certificates will not be
+   requested.
+  </para>
  </sect1>
 
  <sect1 id="ssh-tunnels">
diff --git a/src/include/c.h b/src/include/c.h
index cfce57c070..0c9e88d184 100644
--- a/src/include/c.h
+++ b/src/include/c.h
@@ -12,7 +12,7 @@
  * Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/include/c.h,v 1.172 2004/09/16 16:58:38 tgl Exp $
+ * $PostgreSQL: pgsql/src/include/c.h,v 1.173 2004/09/23 13:16:02 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -75,10 +75,13 @@
 #include <SupportDefs.h>
 #endif
 
-#if (defined(WIN32) || defined(__CYGWIN__)) && \
-	!defined(_MSC_VER) && !defined(__BORLANDC__)
+#if defined(WIN32) || defined(__CYGWIN__)
+#if	!defined(_MSC_VER) && !defined(__BORLANDC__)
 /* We have to redefine some system functions after they are included above */
 #include "pg_config_os.h"
+#else
+#include <windows.h>	/* We don't have a port file for MSC/BCC */
+#endif
 #endif
 
 /* Must be before gettext() games below */