Re: Fix error handling in be_tls_open_server()

Jacob Champion <jchampion@timescale.com>

From: Jacob Champion <jchampion@timescale.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Sergey Shinderuk <s.shinderuk@postgrespro.ru>, Daniel Gustafsson <daniel@yesql.se>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2023-08-28T15:12:45Z
Lists: pgsql-hackers
On Thu, Aug 24, 2023 at 6:25 PM Michael Paquier <michael@paquier.xyz> wrote:
> LD_PRELOAD is the only thing I can think about, but that's very fancy.
> Even with that, having a certificate with a NULL peer_cn could prove
> to be useful in the SSL suite to stress more patterns around it?

+1. Last we tried it, OpenSSL didn't want to create a certificate with
an embedded null, but maybe things have changed?

--Jacob



Commits

  1. Avoid potential pfree on NULL on OpenSSL errors