Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit272923a

Browse files
committed
Simplify the way OpenSSL renegotiation is initiated in server.
At least in all modern versions of OpenSSL, it is enough to callSSL_renegotiate() once, and then forget about it. Subsequent SSL_write()and SSL_read() calls will finish the handshake.The SSL_set_session_id_context() call is unnecessary too. We only haveone SSL context, and the SSL session was created with that to begin with.
1 parentdc01efa commit272923a

File tree

1 file changed

+0
-23
lines changed

1 file changed

+0
-23
lines changed

‎src/backend/libpq/be-secure-openssl.c

Lines changed: 0 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -624,33 +624,10 @@ be_tls_write(Port *port, void *ptr, size_t len)
624624
*/
625625
SSL_clear_num_renegotiations(port->ssl);
626626

627-
SSL_set_session_id_context(port->ssl, (void*)&SSL_context,
628-
sizeof(SSL_context));
629627
if (SSL_renegotiate(port->ssl) <=0)
630628
ereport(COMMERROR,
631629
(errcode(ERRCODE_PROTOCOL_VIOLATION),
632630
errmsg("SSL failure during renegotiation start")));
633-
else
634-
{
635-
intretries;
636-
637-
/*
638-
* A handshake can fail, so be prepared to retry it, but only
639-
* a few times.
640-
*/
641-
for (retries=0;;retries++)
642-
{
643-
if (SSL_do_handshake(port->ssl)>0)
644-
break;/* done */
645-
ereport(COMMERROR,
646-
(errcode(ERRCODE_PROTOCOL_VIOLATION),
647-
errmsg("SSL handshake failure on renegotiation, retrying")));
648-
if (retries >=20)
649-
ereport(FATAL,
650-
(errcode(ERRCODE_PROTOCOL_VIOLATION),
651-
errmsg("could not complete SSL handshake on renegotiation, too many failures")));
652-
}
653-
}
654631
}
655632

656633
wloop:

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp