Remove duplicate setting of SSL_OP_SINGLE_DH_USE option. Commit c0a15e07c moved the setting of OpenSSL's SSL_OP_SINGLE_DH_USE option into a new subroutine initialize_dh(), but forgot to remove it from where it was. SSL_CTX_set_options() is a trivial function, amounting indeed to just "ctx->options |= op", hence there's no reason to contort the code or break separation of concerns to avoid calling it twice. So separating the DH setup from disabling of old protocol versions is a good change, but we need to finish the job.
Noted while poking into the question of SSL session tickets. Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/f352f91cbf2f662c4f043d3650010b02da0cde1c Modified Files -------------- src/backend/libpq/be-secure-openssl.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) -- Sent via pgsql-committers mailing list (pgsql-committers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
