Re: Improve errors when setting incorrect bounds for SSL protocols

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-04-29T23:14:55Z
Lists: pgsql-hackers
On Wed, Apr 29, 2020 at 01:57:49PM +0200, Daniel Gustafsson wrote:
> Working in the TLS corners of the backend, I found while re-reviewing and
> re-testing for the release that this patch actually was a small, but vital,
> brick shy of a load.  The error handling is always invoked due to a set of
> missing braces.  Going into the check will cause the context to be freed and
> be_tls_open_server error out.  The tests added narrowly escapes it by not
> setting the max version in the final test, but I'm not sure it's worth changing
> that now as not setting a value is an interesting testcase too.  Sorry for
> missing that at the time of reviewing.

Good catch, fixed.  We would still have keep around the SSL old
context if both bounds were set.  Testing this case would mean one
extra full restart of the server, and I am not sure either if that's
worth the extra cost here.
--
Michael

Commits

  1. Fix check for conflicting SSL min/max protocol settings

  2. Add bound checks for ssl_min_protocol_version and ssl_max_protocol_version

  3. Revert "Add GUC checks for ssl_min_protocol_version and ssl_max_protocol_version"

  4. Add GUC checks for ssl_min_protocol_version and ssl_max_protocol_version