Home > mailing lists

pgsql: Fix regression in TLS session ticket disabling - Mailing list pgsql-committers

From	Daniel Gustafsson
Subject	pgsql: Fix regression in TLS session ticket disabling
Date	August 19 17:28:53
Msg-id	E1sg0ZB-000Pxu-9y@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Fix regression in TLS session ticket disabling

Commit 274bbced disabled session tickets for TLSv1.3 on top of the
already disabled TLSv1.2 session tickets, but accidentally caused
a regression where TLSv1.2 session tickets were incorrectly sent.
Fix by unconditionally disabling TLSv1.2 session tickets and only
disable TLSv1.3 tickets when the right version of OpenSSL is used.

Backpatch to all supported branches.

Reported-by: Cameron Vogt <cvogt@automaticcontrols.net>
Reported-by: Fire Emerald <fire.github@gmail.com>
Reviewed-by: Jacob Champion <jacob.champion@enterprisedb.com>
Discussion: https://postgr.es/m/DM6PR16MB3145CF62857226F350C710D1AB852@DM6PR16MB3145.namprd16.prod.outlook.com
Backpatch-through: v12

Branch
------
REL_14_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/8cea8c023edfc8ab8eadd4e68a9686727f494aaf

Modified Files
--------------
src/backend/libpq/be-secure-openssl.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

pgsql-committers by date:

From: Daniel Gustafsson
Date: 19 August, 17:28:42
Subject: pgsql: Fix regression in TLS session ticket disabling

From: Daniel Gustafsson
Date: 19 August, 17:29:03
Subject: pgsql: Fix regression in TLS session ticket disabling

pgsql: Fix regression in TLS session ticket disabling - Mailing list pgsql-committers

Previous

Next