Commit b78fbfe
committed
Back-patch libpq support for TLS versions beyond v1.
Since 7.3.2, libpq has been coded in such a way that the only SSL protocol
it would allow was TLS v1. That approach is looking increasingly obsolete.
In commit 820f08c we fixed it to allow TLS >= v1, but did not
back-patch the change at the time, partly out of caution and partly because
the question was confused by a contemporary server-side change to reject
the now-obsolete SSL protocol v3. 9.4 has now been out long enough that
it seems safe to assume the change is OK; hence, back-patch into 9.0-9.3.
(I also chose to back-patch some relevant comments added by commit
326e1d7, but did *not* change the server behavior; hence, pre-9.4
servers will continue to allow SSL v3, even though no remotely modern
client will request it.)
Per gripe from Jan Bilek.1 parent baf379b commit b78fbfe
2 files changed
+17
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
735 | 735 | | |
736 | 736 | | |
737 | 737 | | |
| 738 | + | |
| 739 | + | |
| 740 | + | |
| 741 | + | |
| 742 | + | |
| 743 | + | |
| 744 | + | |
738 | 745 | | |
739 | 746 | | |
740 | 747 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
967 | 967 | | |
968 | 968 | | |
969 | 969 | | |
970 | | - | |
| 970 | + | |
| 971 | + | |
| 972 | + | |
| 973 | + | |
| 974 | + | |
| 975 | + | |
| 976 | + | |
971 | 977 | | |
972 | 978 | | |
973 | 979 | | |
| |||
982 | 988 | | |
983 | 989 | | |
984 | 990 | | |
| 991 | + | |
| 992 | + | |
| 993 | + | |
985 | 994 | | |
986 | 995 | | |
987 | 996 | | |
| |||
0 commit comments