"SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
A TLS/SSL connection established with these methods will understand the SSLv2,
SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
and will indicate that it also understands SSLv3 and TLSv1. A server will
understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
choice when compatibility is a concern."
This will maintain backwards compatibility for those us that don't use
TLS connections ...
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.19 2002/12/14 18:39:14 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.20 2002/12/18 13:15:12 pgsql Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
{
SSL_library_init();
SSL_load_error_strings();
- SSL_context = SSL_CTX_new(TLSv1_method());
+ SSL_context = SSL_CTX_new(SSLv23_method());
if (!SSL_context)
{
postmaster_error("failed to create SSL context: %s",
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.17 2002/12/12 22:42:39 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.18 2002/12/18 13:15:15 pgsql Exp $
*
* NOTES
* The client *requires* a valid server certificate. Since
{
SSL_library_init();
SSL_load_error_strings();
- SSL_context = SSL_CTX_new(TLSv1_method());
+ SSL_context = SSL_CTX_new(SSLv23_method());
if (!SSL_context)
{
printfPQExpBuffer(&conn->errorMessage,
OSDN Git Service
