]> granicus.if.org Git - postgresql/commitdiff
Fix the sense of the test on DH_check()'s return value. This was preventing
authorTom Lane <tgl@sss.pgh.pa.us>
Fri, 12 May 2006 22:44:43 +0000 (22:44 +0000)
committerTom Lane <tgl@sss.pgh.pa.us>
Fri, 12 May 2006 22:44:43 +0000 (22:44 +0000)
custom-generated DH parameters from actually being used by the server.
Found by Michael Fuhr.

src/backend/libpq/be-secure.c

index fa1de916a195db82b3dd4c6b7be25c1d98450001..56fefae95a0ecbe3e64fe8433e08e733d9e427a1 100644 (file)
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.59.2.1 2005/11/22 18:23:09 momjian Exp $
+ *       $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.59.2.2 2006/05/12 22:44:43 tgl Exp $
  *
  *       Since the server static private key ($DataDir/server.key)
  *       will normally be stored unencrypted so that the database
@@ -525,7 +525,7 @@ load_dh_file(int keylength)
        /* make sure the DH parameters are usable */
        if (dh != NULL)
        {
-               if (DH_check(dh, &codes))
+               if (DH_check(dh, &codes) == 0)
                {
                        elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
                        return NULL;