From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Subject: | Re: Inconsistent error handling in the openssl init code |
Date: | 2019-02-07 09:03:30 |
Message-ID: | A0FBBA64-4092-4DC5-BDC5-DB2049714968@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On 7 Feb 2019, at 05:12, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Wed, Feb 06, 2019 at 11:18:22PM +0100, Daniel Gustafsson wrote:
>> The errorhandling in be_tls_init(), and functions called from it, set the
>> appropriate elevel by the isServerStart. ssl_protocol_version_to_openssl() is
>> however erroring out unconditionally with ERROR on invalid TLS versions. The
>> attached patch adds isServerStart handling to the TLS version handling as well,
>> to make be_tls_init() consistent in its errorhandling.
>
> (Adding Peter Eisentraut in CC)
>
> Good catch, this is an oversight from commit e73e67c7, which affects
> only HEAD. The comment at the top of ssl_protocol_version_to_openssl
> becomes incorrect as the function would not throw an error in a reload
> context.
Doh, managed to completely overlook that. The attached updated patch also
fixes the comment, thanks!
cheers ./daniel
Attachment | Content-Type | Size |
---|---|---|
openssl_tlsver-v2.patch | application/octet-stream | 3.3 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Pavel Stehule | 2019-02-07 09:08:35 | Re: ToDo: show size of partitioned table |
Previous Message | Dave Page | 2019-02-07 09:03:06 | Re: phase out ossp-uuid? |