| From: | Daniel Gustafsson <dgustafsson(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix regression in TLS session ticket disabling |
| Date: | 2024-08-19 11:27:29 |
| Message-ID: | E1sg0Xp-000Pvi-8M@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix regression in TLS session ticket disabling
Commit 274bbced disabled session tickets for TLSv1.3 on top of the
already disabled TLSv1.2 session tickets, but accidentally caused
a regression where TLSv1.2 session tickets were incorrectly sent.
Fix by unconditionally disabling TLSv1.2 session tickets and only
disable TLSv1.3 tickets when the right version of OpenSSL is used.
Backpatch to all supported branches.
Reported-by: Cameron Vogt <cvogt(at)automaticcontrols(dot)net>
Reported-by: Fire Emerald <fire(dot)github(at)gmail(dot)com>
Reviewed-by: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
Discussion: https://postgr.es/m/DM6PR16MB3145CF62857226F350C710D1AB852@DM6PR16MB3145.namprd16.prod.outlook.com
Backpatch-through: v12
Branch
------
REL_17_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/19021d28cdf0e84ebc498382826b936df62f5dba
Modified Files
--------------
src/backend/libpq/be-secure-openssl.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2024-08-19 11:28:03 | pgsql: Fix regression in TLS session ticket disabling |
| Previous Message | Daniel Gustafsson | 2024-08-19 11:12:39 | pgsql: Fix regression in TLS session ticket disabling |