Fix the sense of the test on DH_check()'s return value. This was preventing

custom-generated DH parameters from actually being used by the server. Found by Michael Fuhr.
author: Tom Lane 2006-05-12 22:44:50 +0000
committer: Tom Lane 2006-05-12 22:44:50 +0000
commit: f939bdcafe03b1b34c48bb88241fff0dca0dec50 (patch)
tree: f5f976503fcf6bd9ef21dc68f69e3992adde9709 /src
parent: e9c56ce5e9a11571f760823afb26bee0569fee0f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index e440a335c46..78e18d1bc2c 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.56.4.1 2005/06/02 21:03:46 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.56.4.2 2006/05/12 22:44:50 tgl Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -520,7 +520,7 @@ load_dh_file(int keylength)
 	/* make sure the DH parameters are usable */
 	if (dh != NULL)
 	{
-		if (DH_check(dh, &codes))
+		if (DH_check(dh, &codes) == 0)
 		{
 			elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
 			return NULL;
author	Tom Lane	2006-05-12 22:44:50 +0000
committer	Tom Lane	2006-05-12 22:44:50 +0000
commit	f939bdcafe03b1b34c48bb88241fff0dca0dec50 (patch)
tree	f5f976503fcf6bd9ef21dc68f69e3992adde9709 /src
parent	e9c56ce5e9a11571f760823afb26bee0569fee0f (diff)