database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-26 12:21:12 +03:00
Code Activity

Rename connection parameters to control min/max SSL protocol version in libpq

Browse Source 
The libpq parameters ssl{max|min}protocolversion are renamed to use
underscores, to become ssl_{max|min}_protocol_version.  The related
environment variables still use the names introduced in commit ff8ca5f
that added the feature.

Per complaint from Peter Eisentraut (this was also mentioned by me in
the original patch review but the issue got discarded).

Author: Daniel Gustafsson
Reviewed-by: Peter Eisentraut, Michael Paquier
Discussion: https://postgr.es/m/b319e449-318d-e691-4997-1327e166fcc4@2ndquadrant.com
This commit is contained in:
Michael Paquier
2020-04-30 13:39:10 +09:00
parent 4ad047a6ea
commit 401aad6704
6 changed files with 42 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/interfaces/libpq/fe-secure-openssl.c
View File

@ -842,18 +842,18 @@ initialize_SSL(PGconn *conn)
SSL_CTX_set_options(SSL_context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
/* Set the minimum and maximum protocol versions if necessary */
if (conn->sslminprotocolversion &&
strlen(conn->sslminprotocolversion) != 0)
if (conn->ssl_min_protocol_version &&
strlen(conn->ssl_min_protocol_version) != 0)
{
int ssl_min_ver;
ssl_min_ver = ssl_protocol_version_to_openssl(conn->sslminprotocolversion);
ssl_min_ver = ssl_protocol_version_to_openssl(conn->ssl_min_protocol_version);
if (ssl_min_ver == -1)
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("invalid value \"%s\" for minimum version of SSL protocol\n"),
conn->sslminprotocolversion);
conn->ssl_min_protocol_version);
SSL_CTX_free(SSL_context);
return -1;
}
@ -871,18 +871,18 @@ initialize_SSL(PGconn *conn)
}
}
if (conn->sslmaxprotocolversion &&
strlen(conn->sslmaxprotocolversion) != 0)
if (conn->ssl_max_protocol_version &&
strlen(conn->ssl_max_protocol_version) != 0)
{
int ssl_max_ver;
ssl_max_ver = ssl_protocol_version_to_openssl(conn->sslmaxprotocolversion);
ssl_max_ver = ssl_protocol_version_to_openssl(conn->ssl_max_protocol_version);
if (ssl_max_ver == -1)
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("invalid value \"%s\" for maximum version of SSL protocol\n"),
conn->sslmaxprotocolversion);
conn->ssl_max_protocol_version);
SSL_CTX_free(SSL_context);
return -1;
}