| From: | "Dewei Dai" <daidewei1970(at)163(dot)com> |
|---|---|
| To: | "Daniel Gustafsson" <daniel(at)yesql(dot)se>, li(dot)evan(dot)chao <li(dot)evan(dot)chao(at)gmail(dot)com> |
| Cc: | "Jacob Champion" <jacob(dot)champion(at)enterprisedb(dot)com>, "Michael Paquier" <michael(at)paquier(dot)xyz>, "Andres Freund" <andres(at)anarazel(dot)de>, "Pgsql Hackers" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Re: Serverside SNI support in libpq |
| Date: | 2025-11-26 09:14:52 |
| Message-ID: | 2025112617144938459246@163.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi Daniel,
I just reviewed the v11 patch and got a few comments:
1 - commit message
```This adds support for serverside SNI such that certficate/key handling
```
Typo: certficate -> certificate
2 -be-secure-openssl.c
```* host/snimode match, but we need something to drive the hand- shake till
```
Typo: hand- shake ->handshake
3 - be-secure-openssl.c
```
errhint("In strict ssl_snimode there need to be at least one entry in pg_hosts.conf."));
there needs to be
```
Typo: There need to be -> there needs to be
4 - src/backend/makefile
It is recommended to delete pg_hosts.conf.sample during the `make uninstall` command
5 - be-secure-openssl.c
```
be_tls_destroy(void)
{
+ ListCell *cell;
+
+ foreach(cell, contexts)
+ {
+ HostContext *host_context = lfirst(cell);
+
+ SSL_CTX_free(host_context->context);
+ pfree(host_context);
+ }
`````
In the `be_tls_destroy` function, the context is released, but it is not set to null.
This is similar to the `free_context` function, and it seems that it can be called directly.
Best regards
daidewei1970(at)163(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Corey Huinker | 2025-11-26 09:21:46 | Re: Extended Statistics set/restore/clear functions. |
| Previous Message | Sugamoto Shinya | 2025-11-26 08:55:09 | Re: [PATCH] Add error hints for invalid COPY options |