diff options
| author | PostgreSQL Daemon | 2002-12-18 13:20:03 +0000 |
|---|---|---|
| committer | PostgreSQL Daemon | 2002-12-18 13:20:03 +0000 |
| commit | d2f0761b822014385e57c99368142ee1f095d5f4 (patch) | |
| tree | f5d2a9e0fd449b2f7192dc6f173fb7b633644023 | |
| parent | bb501dcaaf00a5eb3d01da42ed3830faadea4c7f (diff) | |
From the SSL_CTX_new man page:
"SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
A TLS/SSL connection established with these methods will understand the SSLv2,
SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
and will indicate that it also understands SSLv3 and TLSv1. A server will
understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
choice when compatibility is a concern."
This will maintain backwards compatibility for those us that don't use
TLS connections ...
| -rw-r--r-- | src/backend/libpq/be-secure.c | 4 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c index 113189571ed..21cefc0207d 100644 --- a/src/backend/libpq/be-secure.c +++ b/src/backend/libpq/be-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.15.2.3 2002/12/14 18:39:39 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.15.2.4 2002/12/18 13:20:00 pgsql Exp $ * * Since the server static private key ($DataDir/server.key) * will normally be stored unencrypted so that the database @@ -587,7 +587,7 @@ initialize_SSL(void) { SSL_library_init(); SSL_load_error_strings(); - SSL_context = SSL_CTX_new(TLSv1_method()); + SSL_context = SSL_CTX_new(SSLv23_method()); if (!SSL_context) { postmaster_error("failed to create SSL context: %s", diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index de71699cae1..2107b51d122 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.15.2.1 2002/11/07 18:47:08 tgl Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.15.2.2 2002/12/18 13:20:03 pgsql Exp $ * * NOTES * The client *requires* a valid server certificate. Since @@ -712,7 +712,7 @@ initialize_SSL(PGconn *conn) { SSL_library_init(); SSL_load_error_strings(); - SSL_context = SSL_CTX_new(TLSv1_method()); + SSL_context = SSL_CTX_new(SSLv23_method()); if (!SSL_context) { printfPQExpBuffer(&conn->errorMessage, |