pgsql: Add hints about protocol-version-related SSL connection failures
| От | Tom Lane |
|---|---|
| Тема | pgsql: Add hints about protocol-version-related SSL connection failures |
| Дата | |
| Msg-id | E1jpDzw-0008LH-JY@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
Add hints about protocol-version-related SSL connection failures. OpenSSL's native reports about problems related to protocol version restrictions are pretty opaque and inconsistent. When we get an SSL error that is plausibly due to this, emit a hint message that includes the range of SSL protocol versions we (think we) are allowing. This should at least get the user thinking in the right direction to resolve the problem, even if the hint isn't totally accurate, which it might not be for assorted reasons. Back-patch to v13 where we increased the default minimum protocol version, thereby increasing the risk of this class of failure. Patch by me, reviewed by Daniel Gustafsson Discussion: https://postgr.es/m/a9408304-4381-a5af-d259-e55d349ae4ce@2ndquadrant.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/b63dd3d88f479947ef7fb7cbf5db27de66ae0654 Modified Files -------------- src/backend/libpq/be-secure-openssl.c | 67 +++++++++++++++++++++++++++++++- src/include/common/openssl.h | 23 ++++++++++- src/interfaces/libpq/fe-secure-openssl.c | 39 +++++++++++++++++++ 3 files changed, 127 insertions(+), 2 deletions(-)
В списке pgsql-committers по дате отправления: