Home > mailing lists

Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds
Date	May 22, 2022 10:17:37
Msg-id	25099E17-3B79-45F2-A272-82073BE4760C@yesql.se Whole thread Raw
In response to	Patch: Don't set LoadedSSL unless secure_initialize succeeds (Gurjeet Singh <gurjeet@singh.im>)
Responses	Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds
List	pgsql-hackers

Tree view

> On 22 May 2022, at 08:41, Gurjeet Singh <gurjeet@singh.im> wrote:

> The initialization in PostmasterMain() blindly turns on LoadedSSL,
> irrespective of the outcome of secure_initialize().

This call is invoked with isServerStart set to true so any error in
secure_initialize should error out with ereport FATAL (in be_tls_init()).  That
could be explained in a comment though, which is currently isn't.

Did you manage to get LoadedSSL set to true without SSL having been properly
initialized?

--
Daniel Gustafsson        https://vmware.com/

pgsql-hackers by date:

From: Gurjeet Singh
Date: 22 May 2022, 09:41:18
Subject: Patch: Don't set LoadedSSL unless secure_initialize succeeds

From: Przemysław Sztoch
Date: 22 May 2022, 10:55:37
Subject: Re: Add --{no-,}bypassrls flags to createuser

Re: Patch: Don't set LoadedSSL unless secure_initialize succeeds - Mailing list pgsql-hackers

Previous

Next