|From:||Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>|
|To:||Andreas Karlsson <andreas(at)proxel(dot)se>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>|
|Subject:||Re: [HACKERS] GnuTLS support|
|Views:||Raw Message | Whole Thread | Download mbox|
In the thread about Secure Transport we agreed to move the consideration
of new SSL libraries to PG12.
Here is my current patch, after all the refactorings.
The status is that it works fine and could be used.
There are two failures in the SSL tests that I cannot explain. The
tests are for some rather obscure configurations, so the changed
behaviors are not obviously wrong, perhaps legitimate implementation
differences. But someone wrote those tests with a purpose (probably),
so we should have some kind of explanation for the regressions.
Other non-critical, nice-to-have issues:
- Do something about sslinfo, perhaps fold into pg_stat_ssl view.
- Do something about pgcrypto.
- Add tests for load_dh_file().
- Implement channel binding tls-server-end-point.
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
|Next Message||Robert Haas||2018-03-08 19:15:08||Re: Temporary tables prevent autovacuum, leading to XID wraparound|
|Previous Message||Robert Haas||2018-03-08 19:00:23||Re: public schema default ACL|