|From:||Michael Paquier <michael(at)paquier(dot)xyz>|
|To:||Daniel Gustafsson <daniel(at)yesql(dot)se>|
|Cc:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, cary huang <hcary328(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org|
|Subject:||Re: Setting min/max TLS protocol in clientside libpq|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
On Wed, Jan 15, 2020 at 02:58:09PM +0900, Michael Paquier wrote:
> On Tue, Jan 14, 2020 at 11:01:00PM +0100, Daniel Gustafsson wrote:
>> Files renamed to match existing naming convention, the rest of the patch left
> [previous review]
One thing I remembered after sleeping on it is that we can split the
patch into two parts: the refactoring pieces and the addition of the
options for libpq. The previous review mostly impacts the libpq part,
and the split is straight-forward, so attached is a patch for only the
refactoring pieces with some fixes and tweaks. I have tested it with
and without OpenSSL, using 1.0.2 and 1.1.0 on Linux and Windows
(MSVC). Those tests have allowed me to find an error in the previous
patch that I missed: the new files openssl.h and protocol_openssl.c
still declared SSL_CTX_set_min/max_proto_version as static functions,
so compilation was broken when trying to use OpenSSL <= 1.0.2.
If that looks fine, I would like to get that part committed first.
Daniel, any thoughts?
|Next Message||Michael Paquier||2020-01-16 03:35:28||Re: making the backend's json parser work in frontend code|
|Previous Message||Andres Freund||2020-01-16 03:16:30||Re: aggregate crash|