| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Disallow use of SSL v3 protocol in the server as well as in libp |
| Date: | 2014-01-31 22:51:32 |
| Message-ID: | E1W9Mvs-0007If-43@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Disallow use of SSL v3 protocol in the server as well as in libpq.
Commit 820f08cabdcbb8998050c3d4873e9619d6d8cba4 claimed to make the server
and libpq handle SSL protocol versions identically, but actually the server
was still accepting SSL v3 protocol while libpq wasn't. Per discussion,
SSL v3 is obsolete, and there's no good reason to continue to accept it.
So make the code really equivalent on both sides. The behavior now is
that we use the highest mutually-supported TLS protocol version.
Marko Kreen, some comment-smithing by me
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/326e1d73c476a0b5061ef00134bdf57aed70d5e7
Modified Files
--------------
src/backend/libpq/be-secure.c | 13 +++++++++++--
src/interfaces/libpq/fe-secure.c | 6 ++++--
2 files changed, 15 insertions(+), 4 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2014-02-01 00:05:19 | pgsql: doc: mention data page checksums in WAL section |
| Previous Message | Bruce Momjian | 2014-01-31 22:44:24 | pgsql: docs: mention tgconstrindid supports exclusion constraints |