If the client supports ALPN but tries to use some other protocol, like HTTPS, reject the connection in the server. That is surely a confusion of some sort. Furthermore, the ALPN RFC 7301 says: > In the event that the server supports no protocols that the client > advertises, then the server SHALL respond with a fatal > "no_application_protocol" alert. This commit makes the server follow that advice. In the client, specifically check for the OpenSSL error code for the "no_application_protocol" alert. Otherwise you got a cryptic "SSL error: SSL error code 167773280" error if you tried to connect to a non-PostgreSQL server that rejects the connection with "no_application_protocol". ERR_reason_error_string() returns NULL for that code, which frankly seems like an OpenSSL bug to me, but we can easily print a better message ourselves. Reported-by: Jacob Champion Discussion: https://www.postgresql.org/message-id/6aedcaa5-60f3-49af-a857-2c76ba55a1f3@iki.fi |
||
---|---|---|
.. | ||
backend | ||
bin | ||
common | ||
fe_utils | ||
include | ||
interfaces | ||
makefiles | ||
pl | ||
port | ||
template | ||
test | ||
timezone | ||
tools | ||
tutorial | ||
.gitignore | ||
DEVELOPERS | ||
Makefile | ||
Makefile.global.in | ||
Makefile.shlib | ||
meson.build | ||
nls-global.mk |