Simplify the way OpenSSL renegotiation is initiated in server.

Heikki Linnakangas <heikki.linnakangas@iki.fi>

Commit: 272923a0a6956187471df4f032eee06559520390
Author: Heikki Linnakangas <heikki.linnakangas@iki.fi>
Date: 2015-02-13T19:46:08Z
Releases: 9.5.0
Simplify the way OpenSSL renegotiation is initiated in server.

At least in all modern versions of OpenSSL, it is enough to call
SSL_renegotiate() once, and then forget about it. Subsequent SSL_write()
and SSL_read() calls will finish the handshake.

The SSL_set_session_id_context() call is unnecessary too. We only have
one SSL context, and the SSL session was created with that to begin with.

Files

PathChange+/−
src/backend/libpq/be-secure-openssl.c modified +0 −23