Re: pgsql: Reject SSL connection if ALPN is used but there's no common prot

From: Heikki Linnakangas <hlinnaka(at)iki(dot)fi>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: Re: pgsql: Reject SSL connection if ALPN is used but there's no common prot
Date: 2024-04-30 05:19:53
Message-ID: adc3ebc2-0e3a-4983-bec1-637182b60aae@iki.fi
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

On 30/04/2024 02:32, Tom Lane wrote:
> Heikki Linnakangas <heikki(dot)linnakangas(at)iki(dot)fi> writes:
>> Reject SSL connection if ALPN is used but there's no common protocol
>
> A moderately large fraction of the buildfarm doesn't seem to
> recognize SSL_AD_NO_APPLICATION_PROTOCOL.

*sigh*. I checked that it exists on OpenSSL 1.1.1, but according to
buildfarm it's not present on OpenSSL 1.0.2 or LibreSSL. I'll add an
#ifdef guard. OpenSSL 1.0.2 support is about to be removed from master,
and, and we can live with a a poor error message on LibreSSL. It's not
something that users should normally hit.

--
Heikki Linnakangas
Neon (https://neon.tech)

In response to

Responses

Browse pgsql-committers by date

  From Date Subject
Next Message Heikki Linnakangas 2024-04-30 05:26:28 pgsql: Fix compilation on OpenSSL 1.0.2 and LibreSSL
Previous Message Tom Lane 2024-04-30 03:33:20 Re: pgsql: Fix test case from b0c5b215d.