| From: | Jacob Champion <pchampion(at)vmware(dot)com> |
|---|---|
| To: | "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] Accept IP addresses in server certificate SANs |
| Date: | 2022-01-03 16:21:08 |
| Message-ID: | 332c5f75b3f47c383c92054c514e3e44572ab2e7.camel@vmware.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, 2022-01-02 at 13:29 -0800, Andres Freund wrote:
> Hi,
>
> On 2021-12-16 01:13:57 +0000, Jacob Champion wrote:
> > Attached is a patch for libpq to support IP addresses in the server's
> > Subject Alternative Names, which would allow admins to issue certs for
> > multiple IP addresses, both IPv4 and IPv6, and mix them with
> > alternative DNS hostnames. These addresses are compared bytewise
> > instead of stringwise, so the client can contact the server via
> > alternative spellings of the same IP address.
>
> This fails to build on windows:
> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcirrus-ci.com%2Ftask%2F6734650927218688%3Flogs%3Dbuild%23L1029&data=04%7C01%7Cpchampion%40vmware.com%7C2b2171168f3c4935e89f08d9ce36f790%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637767557770534489%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JtfsPtershSljU1oDGrkL8bQiHYB3iMfUgTqlh%2B4wbs%3D&reserved=0
>
> [14:33:28.277] network.obj : error LNK2019: unresolved external symbol pg_inet_net_pton referenced in function network_in [c:\cirrus\postgres.vcxproj]
Thanks for the heads up; I'll fix that while I'm implementing the
internal API.
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-01-03 16:23:56 | Re: Remove extra spaces |
| Previous Message | Jacob Champion | 2022-01-03 16:19:07 | Re: [PATCH] Accept IP addresses in server certificate SANs |