Home > mailing lists

pgsql: Follow the RFCs more closely in libpq server certificate hostnam - Mailing list pgsql-committers

From	Heikki Linnakangas
Subject	pgsql: Follow the RFCs more closely in libpq server certificate hostnam
Date	September 15, 2014 16:17:19
Msg-id	E1XTW9V-00020u-B3@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Follow the RFCs more closely in libpq server certificate hostname check.

The RFCs say that the CN must not be checked if a subjectAltName extension
of type dNSName is present. IOW, if subjectAltName extension is present,
but there are no dNSNames, we can still check the CN.

Alexey Klyukin

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/58e70cf9fb42c1ad60b8ba730fd129f2ce6fa332

Modified Files
--------------
src/interfaces/libpq/fe-secure-openssl.c |    9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 14 September 2014, 17:58:27
Subject: pgsql: doc: Fix documentation of local_preload_libraries

From: Heikki Linnakangas
Date: 16 September 2014, 09:40:32
Subject: pgsql: Fix the return type of GIN triConsistent support functions to "c

pgsql: Follow the RFCs more closely in libpq server certificate hostnam - Mailing list pgsql-committers

Previous

Next