Send ALPN in TLS handshake, require it in direct SSL connections
author Heikki Linnakangas <[email protected]>
Mon, 8 Apr 2024 01:24:51 +0000 (04:24 +0300)
committer Heikki Linnakangas <[email protected]>
Mon, 8 Apr 2024 01:24:51 +0000 (04:24 +0300)
commit 91044ae4baeac2e501e34164a69bd5d9c4976d21
tree 030ae118927d18f14ecb8840ec6719932b79773c
parent d39a49c1e459804831302807c724fa6512e90cf0
Send ALPN in TLS handshake, require it in direct SSL connections

libpq now always tries to send ALPN. With the traditional negotiated
SSL connections, the server accepts the ALPN, and refuses the
connection if it's not what we expect, but connecting without ALPN is
still OK. With the new direct SSL connections, ALPN is mandatory.

NOTE: This uses "TBD-pgsql" as the protocol ID. We must register a
proper one with IANA before the release!

Author: Greg Stark, Heikki Linnakangas
Reviewed-by: Matthias van de Meent, Jacob Champion
doc/src/sgml/libpq.sgml
src/backend/libpq/be-secure-openssl.c
src/backend/tcop/backend_startup.c
src/bin/psql/command.c
src/include/libpq/libpq-be.h
src/include/libpq/pqcomm.h
src/interfaces/libpq/fe-secure-openssl.c
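
The ALPN policy described in the commit message, as an added C example that is not PostgreSQL's code: it parses the client's ALPN protocol list in TLS wire format (RFC 7301) and applies the negotiated-versus-direct rule. The names `check_alpn`, `alpn_list_has_pg` and `alpn_verdict` are hypothetical; only the "TBD-pgsql" ID comes from the page.

```c
#include <stddef.h>
#include <string.h>

/* Protocol ID quoted in the commit message (placeholder pending IANA). */
#define PG_ALPN_ID "TBD-pgsql"

typedef enum { ALPN_ACCEPT, ALPN_ACCEPT_NO_ALPN, ALPN_REJECT } alpn_verdict;

/* Scan an ALPN protocol list (each entry: 1-byte length, then the name).
 * Returns 1 if PG_ALPN_ID is offered, 0 if not, -1 if the list is malformed.
 */
static int alpn_list_has_pg(const unsigned char *list, size_t len)
{
    const size_t want = strlen(PG_ALPN_ID);
    size_t i = 0;
    int found = 0;

    while (i < len) {
        size_t n = list[i++];
        if (n == 0 || n > len - i)
            return -1;      /* empty name, or entry runs past the buffer */
        if (n == want && memcmp(list + i, PG_ALPN_ID, want) == 0)
            found = 1;      /* keep scanning so later entries are validated */
        i += n;
    }
    return found;
}

/* Hypothetical policy check. list == NULL means the client sent no ALPN
 * extension; direct_ssl is nonzero for a direct SSL connection.
 */
alpn_verdict check_alpn(const unsigned char *list, size_t len, int direct_ssl)
{
    if (list == NULL)       /* no ALPN: fine when negotiated, fatal when direct */
        return direct_ssl ? ALPN_REJECT : ALPN_ACCEPT_NO_ALPN;
    return alpn_list_has_pg(list, len) == 1 ? ALPN_ACCEPT : ALPN_REJECT;
}

int main(void)
{
    /* Constructed sample: a client offering "h2" and the PostgreSQL ID. */
    static const unsigned char offer[] = "\x02h2\x09TBD-pgsql";
    return check_alpn(offer, sizeof offer - 1, 1) == ALPN_ACCEPT ? 0 : 1;
}
```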