Allow SSL to work withouth client-side certificate infrastructure.

author: Bruce Momjian <bruce@momjian.us> 2002-09-26 04:41:55 +0000
committer: Bruce Momjian <bruce@momjian.us> 2002-09-26 04:41:55 +0000
commit: 15b95cf8727005ae7961de7a00b4b83a738ecd5d (patch)
tree: 44d4f469816473adfea9d739e7c4622a11de05f1 /src/backend/libpq/be-secure.c
parent: c889c9c90151229baad4af205f42f6b81d7b02f4 (diff)
download: postgresql-15b95cf8727005ae7961de7a00b4b83a738ecd5d.tar.gz
postgresql-15b95cf8727005ae7961de7a00b4b83a738ecd5d.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 6baf568eea5..7288a2bec5c 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.14 2002/09/04 23:31:34 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.15 2002/09/26 04:41:54 momjian Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -642,9 +642,13 @@ initialize_SSL(void)
 	snprintf(fnbuf, sizeof fnbuf, "%s/root.crt", DataDir);
 	if (!SSL_CTX_load_verify_locations(SSL_context, fnbuf, CA_PATH))
 	{
+		return 0;
+#ifdef NOT_USED
+		/* CLIENT CERTIFICATES NOT REQUIRED  bjm 2002-09-26 */
 		postmaster_error("could not read root cert file (%s): %s",
 						 fnbuf, SSLerrmessage());
 		ExitPostmaster(1);
+#endif
 	}
 	SSL_CTX_set_verify(SSL_context,
 					SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, verify_cb);
author	Bruce Momjian <bruce@momjian.us>	2002-09-26 04:41:55 +0000
committer	Bruce Momjian <bruce@momjian.us>	2002-09-26 04:41:55 +0000
commit	15b95cf8727005ae7961de7a00b4b83a738ecd5d (patch)
tree	44d4f469816473adfea9d739e7c4622a11de05f1 /src/backend/libpq/be-secure.c
parent	c889c9c90151229baad4af205f42f6b81d7b02f4 (diff)
download	postgresql-15b95cf8727005ae7961de7a00b4b83a738ecd5d.tar.gz postgresql-15b95cf8727005ae7961de7a00b4b83a738ecd5d.zip