database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-21 00:42:43 +03:00
Code Activity

Re-allow SSL passphrase prompt at server start, but not thereafter.

Browse Source 
Leave OpenSSL's default passphrase collection callback in place during
the first call of secure_initialize() in server startup.  Although that
doesn't work terribly well in daemon contexts, some people feel we should
not break it for anyone who was successfully using it before.  We still
block passphrase demands during SIGHUP, meaning that you can't adjust SSL
configuration on-the-fly if you used a passphrase, but this is no worse
than what it was before commit de41869b6.  And we block passphrase demands
during EXEC_BACKEND reloads; that behavior wasn't useful either, but at
least now it's documented.

Tweak some related log messages for more readability, and avoid issuing
essentially duplicate messages about reload failure caused by a passphrase.

Discussion: https://postgr.es/m/29982.1483412575@sss.pgh.pa.us
This commit is contained in:
Tom Lane
2017-01-04 12:43:52 -05:00
parent 0fad355bec
commit 6667d9a6d7
6 changed files with 72 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/backend/libpq/be-secure.c
View File

@@ -65,15 +65,15 @@ bool SSLPreferServerCiphers;
/*
* Initialize global context.
*
* If failOnError is true, report any errors as FATAL (so we don't return).
* Otherwise, log errors at LOG level and return -1 to indicate trouble.
* Returns 0 if OK.
* If isServerStart is true, report any errors as FATAL (so we don't return).
* Otherwise, log errors at LOG level and return -1 to indicate trouble,
* preserving the old SSL state if any. Returns 0 if OK.
*/
int
secure_initialize(bool failOnError)
secure_initialize(bool isServerStart)
{
#ifdef USE_SSL
return be_tls_init(failOnError);
return be_tls_init(isServerStart);
#else
return 0;
#endif