pgsql: Update minimum SSL version

Поиск
Список
Период
Сортировка
От Peter Eisentraut
Тема pgsql: Update minimum SSL version
Дата
Msg-id E1icbz4-0005fs-7c@gemulon.postgresql.org
обсуждение исходный текст
Список pgsql-committers
Дерево обсуждения 
Update minimum SSL version

Change default of ssl_min_protocol_version to TLSv1.2 (from TLSv1,
which means 1.0).  Older versions are still supported, just not by
default.

TLS 1.0 is widely deprecated, and TLS 1.1 only slightly less so.  All
OpenSSL versions that support TLS 1.1 also support TLS 1.2, so there
would be very little reason to, say, set the default to TLS 1.1
instead on grounds of better compatibility.

The test suite overrides this new setting, so it can still run with
older OpenSSL versions.

Discussion: https://www.postgresql.org/message-id/flat/b327f8df-da98-054d-0cc5-b76a857cfed9%402ndquadrant.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/b1abfec825472434ea445b9700eaa80cde9da86a

Modified Files
--------------
doc/src/sgml/config.sgml                      | 6 ++----
src/backend/utils/misc/guc.c                  | 2 +-
src/backend/utils/misc/postgresql.conf.sample | 2 +-
src/test/ssl/t/SSLServer.pm                   | 4 ++++
4 files changed, 8 insertions(+), 6 deletions(-)

В списке pgsql-committers по дате отправления: