Re: Improve errors when setting incorrect bounds for SSL protocols

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-03-23T02:06:45Z
Lists: pgsql-hackers
On Thu, Mar 19, 2020 at 10:54:35PM +0100, Daniel Gustafsson wrote:
> In this message we aren't quoting the TLS protocol setting:
> +          (errmsg("%s setting %s not supported by this build",
> ..but in this detail we are:
> +           errdetail("\"%s\" cannot be higher than \"%s\"",
> Perhaps we should be consistent across all ereports?

Right.  Using quotes is a more popular style when it comes to GUC
parameters and their values, so switched to use that, and committed
the patch.  Thanks for the review.
--
Michael

Commits

  1. Fix check for conflicting SSL min/max protocol settings

  2. Add bound checks for ssl_min_protocol_version and ssl_max_protocol_version

  3. Revert "Add GUC checks for ssl_min_protocol_version and ssl_max_protocol_version"

  4. Add GUC checks for ssl_min_protocol_version and ssl_max_protocol_version