diff options
author | Tom Lane <tgl@sss.pgh.pa.us> | 2020-06-27 13:26:17 -0400 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2020-06-27 13:26:30 -0400 |
commit | e5f63db995514473f7b3421bc80f8e7715cd6d35 (patch) | |
tree | ee4f6df9d36ee19aca7c6744b9284d54c2bc8ecd | |
parent | e2bcd99be18c67fea575a9789ebafd650e6e1076 (diff) |
Fix list of SSL error codes for older OpenSSL versions.
Apparently 1.0.1 lacks SSL_R_VERSION_TOO_HIGH and
SSL_R_VERSION_TOO_LOW. Per buildfarm.
-rw-r--r-- | src/backend/libpq/be-secure-openssl.c | 6 | ||||
-rw-r--r-- | src/interfaces/libpq/fe-secure-openssl.c | 6 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c index d1cf455ab44..8b21ff4065c 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -474,11 +474,13 @@ aloop: case SSL_R_UNKNOWN_PROTOCOL: case SSL_R_UNKNOWN_SSL_VERSION: case SSL_R_UNSUPPORTED_SSL_VERSION: - case SSL_R_VERSION_TOO_HIGH: - case SSL_R_VERSION_TOO_LOW: case SSL_R_WRONG_SSL_VERSION: case SSL_R_WRONG_VERSION_NUMBER: case SSL_R_TLSV1_ALERT_PROTOCOL_VERSION: +#ifdef SSL_R_VERSION_TOO_HIGH + case SSL_R_VERSION_TOO_HIGH: + case SSL_R_VERSION_TOO_LOW: +#endif give_proto_hint = true; break; default: diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index b5b2006b75d..d609a38bbe0 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -1326,11 +1326,13 @@ open_client_SSL(PGconn *conn) case SSL_R_UNKNOWN_PROTOCOL: case SSL_R_UNKNOWN_SSL_VERSION: case SSL_R_UNSUPPORTED_SSL_VERSION: - case SSL_R_VERSION_TOO_HIGH: - case SSL_R_VERSION_TOO_LOW: case SSL_R_WRONG_SSL_VERSION: case SSL_R_WRONG_VERSION_NUMBER: case SSL_R_TLSV1_ALERT_PROTOCOL_VERSION: +#ifdef SSL_R_VERSION_TOO_HIGH + case SSL_R_VERSION_TOO_HIGH: + case SSL_R_VERSION_TOO_LOW: +#endif appendPQExpBuffer(&conn->errorMessage, libpq_gettext("This may indicate that the server does not support any SSL protocol version between %s and %s.\n"), conn->ssl_min_protocol_version ? |