projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8a1a408) | patch
Disable all TLS session tickets
authorDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 26 Jul 2024 09:09:45 +0000 (11:09 +0200)
committerDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 26 Jul 2024 09:09:45 +0000 (11:09 +0200)
commit3df7f44a8c7c456c0a0d4d02a1167e972dc24eaa
treeba1134dee9dbb6479ceafdcb24258e45fdc9b7d8tree
parent8a1a4087bd5fd09f42bcca2c91ff7eceaa2a0eabcommit | diff
Disable all TLS session tickets

OpenSSL supports two types of session tickets for TLSv1.3, stateless
and stateful. The option we've used only turns off stateless tickets
leaving stateful tickets active. Use the new API introduced in 1.1.1
to disable all types of tickets.

Backpatch to all supported versions.

Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
Reported-by: Andres Freund <andres@anarazel.de>
Discussion: https://postgr.es/m/20240617173803.6alnafnxpiqvlh3g@awork3.anarazel.de
Backpatch-through: v12
configure diff | blob | blame | history
configure.ac diff | blob | blame | history
meson.build diff | blob | blame | history
src/backend/libpq/be-secure-openssl.c diff | blob | blame | history
src/include/pg_config.h.in diff | blob | blame | history
This is the main PostgreSQL git repository.