projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c0ba7d6) | patch
Disable all TLS session tickets
authorDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 26 Jul 2024 09:09:45 +0000 (11:09 +0200)
committerDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 26 Jul 2024 09:09:45 +0000 (11:09 +0200)
commit1f476bc7537638a6d523651170f4b9848517aa4a
tree23e5d5739c3b72ce16984349d9b02a7e98a68095tree
parentc0ba7d609de1c0f5bd64d1a3561c6e1e64ab0d1dcommit | diff
Disable all TLS session tickets

OpenSSL supports two types of session tickets for TLSv1.3, stateless
and stateful. The option we've used only turns off stateless tickets
leaving stateful tickets active. Use the new API introduced in 1.1.1
to disable all types of tickets.

Backpatch to all supported versions.

Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
Reported-by: Andres Freund <andres@anarazel.de>
Discussion: https://postgr.es/m/20240617173803.6alnafnxpiqvlh3g@awork3.anarazel.de
Backpatch-through: v12
configure diff | blob | blame | history
configure.in diff | blob | blame | history
src/backend/libpq/be-secure-openssl.c diff | blob | blame | history
src/include/pg_config.h.in diff | blob | blame | history
This is the main PostgreSQL git repository.