git.postgresql.org Git - users/rhaas/postgres.git/commit

author	Michael Paquier <[email protected]>
	Tue, 28 Jan 2020 01:40:48 +0000 (10:40 +0900)
committer	Michael Paquier <[email protected]>
	Tue, 28 Jan 2020 01:40:48 +0000 (10:40 +0900)
commit	ff8ca5fadd819155c82bd16fcc6b7231af649cf8
tree	1e68ff107bb0607f796078c47f333be146fdffe4	tree
parent	6f38d4dac381b5b8bead302a0b4f81761042cd25	commit \| diff

Add connection parameters to control SSL protocol min/max in libpq

These two new parameters, named sslminprotocolversion and
sslmaxprotocolversion, allow to respectively control the minimum and the
maximum version of the SSL protocol used for the SSL connection attempt.
The default setting is to allow any version for both the minimum and the
maximum bounds, causing libpq to rely on the bounds set by the backend
when negotiating the protocol to use for an SSL connection. The bounds
are checked when the values are set at the earliest stage possible as
this makes the checks independent of any SSL implementation.

Author: Daniel Gustafsson
Reviewed-by: Michael Paquier, Cary Huang
Discussion: https://postgr.es/m/4F246AE3-A7AE-471E-BD3D-C799D3748E03@yesql.se

contrib/postgres_fdw/expected/postgres_fdw.out		diff \| blob \| blame \| history
doc/src/sgml/libpq.sgml		diff \| blob \| blame \| history
src/backend/libpq/be-secure-openssl.c		diff \| blob \| blame \| history
src/interfaces/libpq/fe-connect.c		diff \| blob \| blame \| history
src/interfaces/libpq/fe-secure-openssl.c		diff \| blob \| blame \| history
src/interfaces/libpq/libpq-int.h		diff \| blob \| blame \| history
src/test/ssl/t/001_ssltests.pl		diff \| blob \| blame \| history