NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commite30b0b5

committed

Fix check for conflicting SSL min/max protocol settings

Commit79dfa8a has introduced a check to catch when the minimum protocolversion was set higher than the maximum version, however an error wasgetting generated when both bounds are set even if they are able towork, causing a backend to not use a new SSL context but keep the oldone.Author: Daniel GustafssonDiscussion:https://postgr.es/m/14BFD060-8C9D-43B4-897D-D5D9AA6FC92B@yesql.se

1 parent1816a1c commite30b0b5Copy full SHA for e30b0b5

File tree

1 file changed

-1

lines changed

src/backend/libpq
- be-secure-openssl.c

1 file changed

-1

lines changed

`‎src/backend/libpq/be-secure-openssl.c`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -226,12 +226,14 @@ be_tls_init(bool isServerStart)`
`226`	`226`	`* as the code above would have already generated an error.`
`227`	`227`	`*/`
`228`	`228`	`if (ssl_ver_min>ssl_ver_max)`
	`229`	`+{`
`229`	`230`	`ereport(isServerStart ?FATAL :LOG,`
`230`	`231`	`(errmsg("could not set SSL protocol version range"),`
`231`	`232`	`errdetail("\"%s\" cannot be higher than \"%s\"",`
`232`	`233`	`"ssl_min_protocol_version",`
`233`	`234`	`"ssl_max_protocol_version")));`
`234`		`-gotoerror;`
	`235`	`+gotoerror;`
	`236`	`+}`
`235`	`237`	`}`
`236`	`238`
`237`	`239`	`/* disallow SSL session tickets */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commite30b0b5

File tree

1 file changed

1 file changed

`‎src/backend/libpq/be-secure-openssl.c`

0 commit comments