Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitbba486f

Browse files
committed
Base the default SSL ciphers on DEFAULT instead of ALL
It's better to start from what the OpenSSL people consider a gooddefault and then remove insecure things (low encryption, exportableencryption and md5 at this point) from that, instead of startingfrom everything that exists and remove from that. We trust theOpenSSL people to make good choices about what the default is.
1 parent4eebf13 commitbba486f

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

‎src/backend/utils/misc/guc.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3056,7 +3056,7 @@ static struct config_string ConfigureNamesString[] =
30563056
},
30573057
&SSLCipherSuites,
30583058
#ifdefUSE_SSL
3059-
"ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH",
3059+
"DEFAULT:!LOW:!EXP:!MD5:@STRENGTH",
30603060
#else
30613061
"none",
30623062
#endif

‎src/backend/utils/misc/postgresql.conf.sample

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@
7979

8080
#authentication_timeout = 1min# 1s-600s
8181
#ssl = off# (change requires restart)
82-
#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH'# allowed SSL ciphers
82+
#ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH'# allowed SSL ciphers
8383
# (change requires restart)
8484
#ssl_renegotiation_limit = 512MB# amount of data between renegotiations
8585
#ssl_cert_file = 'server.crt'# (change requires restart)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp