On Wed, Feb 06, 2019 at 11:18:22PM +0100, Daniel Gustafsson wrote:
> The error handling in be_tls_init(), and functions called from it, set the
> appropriate elevel by the isServerStart. ssl_protocol_version_to_openssl() is
> however erroring out unconditionally with ERROR on invalid TLS versions. The
> attached patch adds isServerStart handling to the TLS version handling as well,
> to make be_tls_init() consistent in its error handling.
(Adding Peter Eisentraut in CC)
Good catch, this is an oversight from commit e73e67c7, which affects
only HEAD. The comment at the top of ssl_protocol_version_to_openssl
becomes incorrect as the function would not throw an error in a reload
context.
The current comment is:
* If a version is passed that is not supported by the current OpenSSL
* version, then we throw an error, so that subsequent code can assume it's
* working with a supported version.
Which we could change to:
..., then we throw an error as FATAL if isServerStart is true so that it
won't return. Otherwise, errors are logged at LOG level and return -1
to indicate trouble, preserving the old SSL state if any.
Peter, could you take care of it? Or should I?
--
Michael
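The start-versus-reload contract discussed in this thread, as an added example written for this page (it is not PostgreSQL's own be_tls_init() or ssl_protocol_version_to_openssl()): a version-name lookup that fails with FATAL when the server is starting and with LOG when a running server reloads its configuration, returning -1 so the caller can keep the SSL state it already has. The report() stand-in for ereport(), the numeric elevel values, the tls_state struct, and the assumption that the linked OpenSSL lacks TLS 1.3 are all hypothetical; the TLS1_*_VERSION constants mirror OpenSSL's but are defined here so the file builds without OpenSSL.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed stand-ins for PostgreSQL's elevel values; not the backend's macros. */
enum { LOG_LEVEL = 15, FATAL_LEVEL = 21 };

/* Mirrors OpenSSL's protocol constants so this compiles without <openssl/ssl.h>. */
#define TLS1_VERSION   0x0301
#define TLS1_1_VERSION 0x0302
#define TLS1_2_VERSION 0x0303
#define TLS1_3_VERSION 0x0304

/* Assumption for the example: pretend the linked OpenSSL has no TLS 1.3. */
#define OPENSSL_HAS_TLS13 0

static int  last_elevel;            /* severity of the most recent report() */
static char last_msg[128];

/* Stand-in for ereport(): records the severity and prints it. A real FATAL
 * never returns; here the caller's -1 check models that instead. */
static void report(int elevel, const char *msg)
{
    last_elevel = elevel;
    snprintf(last_msg, sizeof last_msg, "%s", msg);
    fprintf(stderr, "%s: %s\n", elevel == FATAL_LEVEL ? "FATAL" : "LOG", msg);
}

int last_report_level(void) { return last_elevel; }

/* Map a protocol name to an OpenSSL version constant. On an unknown or
 * unsupported name, report at FATAL during server start (startup stops) or at
 * LOG during a reload, and return -1 so the caller can keep its old state. */
int version_to_openssl(const char *name, bool isServerStart)
{
    int elevel = isServerStart ? FATAL_LEVEL : LOG_LEVEL;

    if (strcmp(name, "TLSv1") == 0)   return TLS1_VERSION;
    if (strcmp(name, "TLSv1.1") == 0) return TLS1_1_VERSION;
    if (strcmp(name, "TLSv1.2") == 0) return TLS1_2_VERSION;
    if (strcmp(name, "TLSv1.3") == 0)
    {
        if (OPENSSL_HAS_TLS13)
            return TLS1_3_VERSION;
        report(elevel, "TLSv1.3 is not supported by this build of OpenSSL");
        return -1;
    }
    report(elevel, "unrecognized TLS protocol version name");
    return -1;
}

/* Hypothetical SSL state that survives a failed reload. */
struct tls_state
{
    int  min_version;
    bool initialized;
};

/* Models be_tls_init()'s contract: -1 on failure with the existing state left
 * untouched; 0 on success with the new settings applied. */
int tls_init(struct tls_state *st, const char *min_name, bool isServerStart)
{
    int v = version_to_openssl(min_name, isServerStart);

    if (v < 0)
        return -1;              /* previous state (if any) is preserved */
    st->min_version = v;
    st->initialized = true;
    return 0;
}

int main(void)
{
    struct tls_state st = {0, false};

    tls_init(&st, "TLSv1.2", true);     /* initial start: succeeds */
    tls_init(&st, "TLSv1.3", false);    /* reload with bad value: LOG, state kept */
    printf("min_version after bad reload: 0x%04x\n", st.min_version);
    return 0;
}
```

At server start the real code would never reach the -1 branch, since FATAL does not return; the value matters only on reload, where the caller's early return is what keeps the previously loaded SSL configuration in service.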