*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.21 2002/12/23 22:19:00 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.22 2003/01/08 22:56:58 momjian Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
/* set up empheral DH keys */
SSL_CTX_set_tmp_dh_callback(SSL_context, tmp_dh_cb);
- SSL_CTX_set_options(SSL_context, SSL_OP_SINGLE_DH_USE);
+ SSL_CTX_set_options(SSL_context, SSL_OP_SINGLE_DH_USE | SSL_OP_NO_SSLv2);
/* accept client certificates, but don't require them. */
snprintf(fnbuf, sizeof fnbuf, "%s/root.crt", DataDir);
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.18 2002/12/18 13:15:15 pgsql Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.19 2003/01/08 22:56:58 momjian Exp $
*
* NOTES
* The client *requires* a valid server certificate. Since
{
SSL_library_init();
SSL_load_error_strings();
- SSL_context = SSL_CTX_new(SSLv23_method());
+ SSL_context = SSL_CTX_new(TLSv1_method());
if (!SSL_context)
{
printfPQExpBuffer(&conn->errorMessage,
projects / postgresql / commitdiff