Quick Links

Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	Gurjeet Singh <gurjeet(at)singh(dot)im>
Cc:	PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds
Date:	2022-05-22 07:17:37
Message-ID:	25099E17-3B79-45F2-A272-82073BE4760C@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> On 22 May 2022, at 08:41, Gurjeet Singh <gurjeet(at)singh(dot)im> wrote:

> The initialization in PostmasterMain() blindly turns on LoadedSSL,
> irrespective of the outcome of secure_initialize().

This call is invoked with isServerStart set to true so any error in
secure_initialize should error out with ereport FATAL (in be_tls_init()). That
could be explained in a comment though, which is currently isn't.

Did you manage to get LoadedSSL set to true without SSL having been properly
initialized?

--
Daniel Gustafsson https://vmware.com/

In response to

Patch: Don't set LoadedSSL unless secure_initialize succeeds at 2022-05-22 06:41:18 from Gurjeet Singh

Responses

Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds at 2022-05-24 02:33:36 from Michael Paquier
Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds at 2022-05-24 03:51:25 from Tom Lane
Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds at 2022-05-26 05:05:10 from Gurjeet Singh

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Przemysław Sztoch	2022-05-22 07:55:37	Re: Add --{no-,}bypassrls flags to createuser
Previous Message	Gurjeet Singh	2022-05-22 06:41:18	Patch: Don't set LoadedSSL unless secure_initialize succeeds