Re: [HACKERS] Support for Secure Transport SSL library on macOS as OpenSSL alternative

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
Cc: PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [HACKERS] Support for Secure Transport SSL library on macOS as OpenSSL alternative
Date: 2018-01-23 21:18:24
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> On 23 Jan 2018, at 22:04, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> On 1/23/18 14:59, Daniel Gustafsson wrote:
>> It’s not specific to the implementation per se, but it increases the likelyhood
>> of hitting it. In order to load certificates from Keychains the cert common
>> name must be specified in the connstr, when importing the testfiles into
>> keychains I ran into it for example src/test/ssl/client_ca.config.
> The change is
> - 'psql', '-X', '-A', '-t', '-c', "SELECT 'connected with $connstr'",
> + 'psql', '-X', '-A', '-t', '-c', "SELECT \$\$connected with $connstr\$\$",
> So the problem must have been a single quote in the connstr.

Right, looking back at B5E2B87D-3E8A-4597-9A7F-8489B3B67556(at)yesql(dot)se I realized
I was misremembering, the issue was that I had sslcert:'keychain:common name’
parameters to encapsulate the whitespace into a string value. Sorry about that.

> That can surely happen, but then so can having a $$. So without a
> concrete example, I'm not sure how to proceed.

Awaiting with this until the discussion on how to handle configuration and
parameter per SSL implementation lands is probably best.

cheers ./daniel

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Vik Fearing 2018-01-23 21:56:57 Tab complete after FROM ONLY
Previous Message Sergei Kornilov 2018-01-23 21:13:51 Re: Index-only scan returns incorrect results when using a composite GIST index with a gist_trgm_ops column.