Disable all TLS session tickets
OpenSSL supports two types of session tickets for TLSv1.3, stateless
and stateful. The option we've used only turns off stateless tickets
leaving stateful tickets active. Use the new API introduced in 1.1.1
to disable all types of tickets.
Backpatch to all supported versions.
Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
Reported-by: Andres Freund <andres@anarazel.de>
Discussion: https://postgr.es/m/20240617173803.6alnafnxpiqvlh3g@awork3.anarazel.de
Backpatch-through: v12
Branch
------
REL_12_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/32121c077d69e22ed4686d7ae3a9c637f3a64d85
Modified Files
--------------
configure | 9 +++++----
configure.in | 2 +-
src/backend/libpq/be-secure-openssl.c | 16 ++++++++++++++--
src/include/pg_config.h.in | 3 +++
4 files changed, 23 insertions(+), 7 deletions(-)