open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix the sense of the test on DH_check()'s return value. This was preventing

Browse Source 
custom-generated DH parameters from actually being used by the server.
Found by Michael Fuhr.
REL8_2_STABLE
Tom Lane 20 years ago
parent 2246e31775
commit 91d568e9bb
1 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      src/backend/libpq/be-secure.c

4
src/backend/libpq/be-secure.c
Unescape View File

@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.69 2006/05/06 02:24:39 momjian Exp $ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.70 2006/05/12 22:44:36 tgl Exp $
* *
* Since the server static private key ($DataDir/server.key) * Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database * will normally be stored unencrypted so that the database
@ -524,7 +524,7 @@ load_dh_file(int keylength)
/* make sure the DH parameters are usable */ /* make sure the DH parameters are usable */
if (dh != NULL) if (dh != NULL)
{ {
if (DH_check(dh, &codes)) if (DH_check(dh, &codes) == 0)
{ {
elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage()); elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
return NULL; return NULL;

Write Preview
Loading…
Cancel
Save