Fix the sense of the test on DH_check()'s return value. This was preventing

tglsfdc · tglsfdc · commit 91d568e9bbcd · 2006-05-12T22:44:36.000Z
custom-generated DH parameters from actually being used by the server.
Found by Michael Fuhr.
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.69 2006/05/06 02:24:39 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.70 2006/05/12 22:44:36 tgl Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -524,7 +524,7 @@ load_dh_file(int keylength)
 	/* make sure the DH parameters are usable */
 	if (dh != NULL)
 	{
-		if (DH_check(dh, &codes))
+		if (DH_check(dh, &codes) == 0)
 		{
 			elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
 			return NULL;

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`*`
`12`	`12`	`*`
`13`	`13`	`* IDENTIFICATION`
`14`		`- * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.69 2006/05/06 02:24:39 momjian Exp $`
	`14`	`+ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.70 2006/05/12 22:44:36 tgl Exp $`
`15`	`15`	`*`
`16`	`16`	`* Since the server static private key ($DataDir/server.key)`
`17`	`17`	`* will normally be stored unencrypted so that the database`
`@@ -524,7 +524,7 @@ load_dh_file(int keylength)`
`524`	`524`	`/* make sure the DH parameters are usable */`
`525`	`525`	`if (dh != NULL)`
`526`	`526`	`{`
`527`		`- if (DH_check(dh, &codes))`
	`527`	`+ if (DH_check(dh, &codes) == 0)`
`528`	`528`	`{`
`529`	`529`	`elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());`
`530`	`530`	`return NULL;`