Heikki Linnakangas writes:
> On 30/04/2024 02:32, Tom Lane wrote:
>> A moderately large fraction of the buildfarm doesn't seem to
>> recognize SSL_AD_NO_APPLICATION_PROTOCOL.
> *sigh*. I checked that it exists on OpenSSL 1.1.1, but according to
> buildfarm it's not present on OpenSSL 1.0.2 or Li
On 30/04/2024 02:32, Tom Lane wrote:
Heikki Linnakangas writes:
Reject SSL connection if ALPN is used but there's no common protocol
A moderately large fraction of the buildfarm doesn't seem to
recognize SSL_AD_NO_APPLICATION_PROTOCOL.
*sigh*. I checked that it exists on OpenSSL 1.1.1, but
Heikki Linnakangas writes:
> Reject SSL connection if ALPN is used but there's no common protocol
A moderately large fraction of the buildfarm doesn't seem to
recognize SSL_AD_NO_APPLICATION_PROTOCOL.
regards, tom lane
Reject SSL connection if ALPN is used but there's no common protocol
If the client supports ALPN but tries to use some other protocol, like
HTTPS, reject the connection in the server. That is surely a confusion
of some sort. Furthermore, the ALPN RFC 7301 says:
> In the event that the server supp