Quick Links

Re: [PATCH] Accept IP addresses in server certificate SANs

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Jacob Champion <pchampion(at)vmware(dot)com>, "horikyota(dot)ntt(at)gmail(dot)com" <horikyota(dot)ntt(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: [PATCH] Accept IP addresses in server certificate SANs
Date:	2022-03-27 22:44:07
Message-ID:	3F1A8748-DEF8-454C-B7ED-F536CCF7F115@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> On 27 Mar 2022, at 23:19, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> This may be caused by 9ca234bae or 4a7e964fc.

I'd say 4a7e964fc is the culprit here. From a quick skim the the
switch_server_cert() calls need to be changed along the lines of:

from: switch_server_cert($node, 'server-ip-in-dnsname');
to: switch_server_cert($node, certfile => 'server-ip-in-dnsname');

There migth be more changes required, that was the one that stood out. Unless
someone beats me to it I'll take a look at fixing up the test in this patch
tomorrow.

--
Daniel Gustafsson https://vmware.com/

In response to

Re: [PATCH] Accept IP addresses in server certificate SANs at 2022-03-27 21:19:27 from Tom Lane

Responses

Re: [PATCH] Accept IP addresses in server certificate SANs at 2022-03-28 09:17:25 from Daniel Gustafsson

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2022-03-27 23:14:25	Re: SQL/JSON: functions
Previous Message	Peter Geoghegan	2022-03-27 21:36:54	Re: Assert in pageinspect with NULL pages