17a834a04d
If the client supports ALPN but tries to use some other protocol, like HTTPS, reject the connection in the server. That is surely a confusion of some sort. Furthermore, the ALPN RFC 7301 says: > In the event that the server supports no protocols that the client > advertises, then the server SHALL respond with a fatal > "no_application_protocol" alert. This commit makes the server follow that advice. In the client, specifically check for the OpenSSL error code for the "no_application_protocol" alert. Otherwise you got a cryptic "SSL error: SSL error code 167773280" error if you tried to connect to a non-PostgreSQL server that rejects the connection with "no_application_protocol". ERR_reason_error_string() returns NULL for that code, which frankly seems like an OpenSSL bug to me, but we can easily print a better message ourselves. Reported-by: Jacob Champion Discussion: https://www.postgresql.org/message-id/6aedcaa5-60f3-49af-a857-2c76ba55a1f3@iki.fi |
||
|---|---|---|
| .. | ||
| po | ||
| t | ||
| test | ||
| .gitignore | ||
| Makefile | ||
| README | ||
| exports.txt | ||
| fe-auth-sasl.h | ||
| fe-auth-scram.c | ||
| fe-auth.c | ||
| fe-auth.h | ||
| fe-cancel.c | ||
| fe-connect.c | ||
| fe-exec.c | ||
| fe-gssapi-common.c | ||
| fe-gssapi-common.h | ||
| fe-lobj.c | ||
| fe-misc.c | ||
| fe-print.c | ||
| fe-protocol3.c | ||
| fe-secure-common.c | ||
| fe-secure-common.h | ||
| fe-secure-gssapi.c | ||
| fe-secure-openssl.c | ||
| fe-secure.c | ||
| fe-trace.c | ||
| legacy-pqsignal.c | ||
| libpq-events.c | ||
| libpq-events.h | ||
| libpq-fe.h | ||
| libpq-int.h | ||
| meson.build | ||
| nls.mk | ||
| pg_service.conf.sample | ||
| pqexpbuffer.c | ||
| pqexpbuffer.h | ||
| pthread-win32.c | ||
| win32.c | ||
| win32.h | ||
README
src/interfaces/libpq/README This directory contains the C version of Libpq, the POSTGRES frontend library.