aboutsummaryrefslogtreecommitdiff
path: root/src/backend/utils/misc/guc.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/utils/misc/guc.c')
-rw-r--r--src/backend/utils/misc/guc.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 7e9e8c642bf..19c678f596f 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -428,6 +428,15 @@ static const struct config_enum_entry password_encryption_options[] = {
{NULL, 0, false}
};
+const struct config_enum_entry ssl_protocol_versions_info[] = {
+ {"", PG_TLS_ANY, false},
+ {"TLSv1", PG_TLS1_VERSION, false},
+ {"TLSv1.1", PG_TLS1_1_VERSION, false},
+ {"TLSv1.2", PG_TLS1_2_VERSION, false},
+ {"TLSv1.3", PG_TLS1_3_VERSION, false},
+ {NULL, 0, false}
+};
+
/*
* Options for enum values stored in other modules
*/
@@ -4193,6 +4202,30 @@ static struct config_enum ConfigureNamesEnum[] =
NULL, NULL, NULL
},
+ {
+ {"ssl_min_protocol_version", PGC_SIGHUP, CONN_AUTH_SSL,
+ gettext_noop("Sets the minimum SSL/TLS protocol version to use."),
+ NULL,
+ GUC_SUPERUSER_ONLY
+ },
+ &ssl_min_protocol_version,
+ PG_TLS1_VERSION,
+ ssl_protocol_versions_info + 1 /* don't allow PG_TLS_ANY */,
+ NULL, NULL, NULL
+ },
+
+ {
+ {"ssl_max_protocol_version", PGC_SIGHUP, CONN_AUTH_SSL,
+ gettext_noop("Sets the maximum SSL/TLS protocol version to use."),
+ NULL,
+ GUC_SUPERUSER_ONLY
+ },
+ &ssl_max_protocol_version,
+ PG_TLS_ANY,
+ ssl_protocol_versions_info,
+ NULL, NULL, NULL
+ },
+
/* End-of-list marker */
{
{NULL, 0, 0, NULL, NULL}, NULL, 0, NULL, NULL, NULL, NULL
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-03 07:01:50 +0000