Fix the sense of the test on DH_check()'s return value. This was preventing

custom-generated DH parameters from actually being used by the server. Found by Michael Fuhr.

Fix the sense of the test on DH_check()'s return value. This was preventing
custom-generated DH parameters from actually being used by the server. Found by Michael Fuhr.
91d568e9 · Tom Lane · 2246e317 · 91d568e9
Commit 91d568e9 authored May 12, 2006 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

src/backend/libpq/be-secure.c src/backend/libpq/be-secure.c +2 -2

No files found.
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.69 2006/05/06 02:24:39 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.70 2006/05/12 22:44:36 tgl Exp $
 *
 *	  Since the server static private key ($DataDir/server.key)
 *	  will normally be stored unencrypted so that the database
@@ -524,7 +524,7 @@ load_dh_file(int keylength)
 	/* make sure the DH parameters are usable */
 	if (dh != NULL)
 	{
-		if (DH_check(dh, &codes))
+		if (DH_check(dh, &codes) == 0)
 		{
 			elog(LOG, "DH_check error (%s): %s", fnbuf, SSLerrmessage());
 			return NULL;