Hi,
On 2024-04-08 01:25:40 +0000, Heikki Linnakangas wrote:
> Send ALPN in TLS handshake, require it in direct SSL connections
>
> libpq now always tries to send ALPN. With the traditional negotiated
> SSL connections, the server accepts the ALPN, and refuses the
> connection if it's not what we expect, but connecting without ALPN is
> still OK. With the new direct SSL connections, ALPN is mandatory.
>
> NOTE: This uses "TBD-pgsql" as the protocol ID. We must register a
> proper one with IANA before the release!
>
> Author: Greg Stark, Heikki Linnakangas
> Reviewed-by: Matthias van de Meent, Jacob Champion
My compiler complains:
[396/992 42 39%] Compiling C object
src/backend/postgres_lib.a.p/libpq_be-secure-openssl.c.o
../../../../../home/andres/src/postgresql/src/backend/libpq/be-secure-openssl.c:
In function 'alpn_cb':
../../../../../home/andres/src/postgresql/src/backend/libpq/be-secure-openssl.c:1327:69:
warning: ordered comparison of pointer with integer zero [-Wextra]
1327 | if (*out == NULL || *outlen > sizeof(alpn_protos) || outlen <=
0)
| ^~
[991/992 1 99%] Linking target src/bin/pg_dump/pg_dump
And I think it may show why the warning is a good idea - I assume
"*outlen <= 0" was intended?
Greetings,
Andres Freund
