From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Disallow SSL compression? |
Date: | 2021-03-05 12:21:01 |
Message-ID: | 3C0A2F0A-43B6-4AF6-A10D-3B4FF312A5F5@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On 5 Mar 2021, at 08:04, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Thu, Mar 04, 2021 at 11:52:56PM +0100, Daniel Gustafsson wrote:
>> The attached version takes a step further and removes sslcompression from
>> pg_conn and just eats the value as there is no use in setting a dummy alue. It
>> also removes compression from PgBackendSSLStatus and be_tls_get_compression as
>> raised by Michael downthread. I opted for keeping the column in pg_stat_ssl
>> with a note in the documentation that it will be removed, for the same
>> backwards compatibility reason of eating the connection param without acting on
>> it. This might be overthinking it however.
>
> FWIW, I would vote to nuke it from all those places, reducing a bit
> pg_stat_get_activity() while on it. Keeping it around in the system
> catalogs may cause confusion IMHO, by making people think that it is
> still possible to get into configurations where sslcompression could
> be really enabled. The rest of the patch looks fine to me.
Attached is a version which removes that as well. I left the compression
keyword in PQsslAttribute on purpose, not really for backwards compatibility
(PQsslAttributeNames takes care of that) but rather since it's a more generic
connection-info function.
--
Daniel Gustafsson https://vmware.com/
Attachment | Content-Type | Size |
---|---|---|
v5-0001-Disallow-SSL-compression.patch | application/octet-stream | 26.7 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Paquier | 2021-03-05 12:37:23 | Re: Disallow SSL compression? |
Previous Message | Pavel Borisov | 2021-03-05 11:49:00 | Re: POC: GROUP BY optimization |