| From: | Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> |
|---|---|
| To: | Marko Kreen <markokr(at)gmail(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Review:Patch: SSL: prefer server cipher order |
| Date: | 2013-11-15 22:16:52 |
| Message-ID: | 52869D54.1010307@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 11/15/2013 11:49 AM, Marko Kreen wrote:
> On Fri, Nov 15, 2013 at 11:16:25AM -0800, Adrian Klaver wrote:
>> The description of the GUCs show up in the documentation but I am
>> not seeing the GUCs themselves in postgresql.conf, so I could test
>> no further. It is entirely possible I am missing a step and would
>> appreciate enlightenment.
>
> Sorry, I forgot to update sample config.
>
> ssl-prefer-server-cipher-order-v2.patch
> - Add GUC to sample config
> - Change default value to 'true', per comments from Alvaro and Magnus.
>
> ssl-ecdh-v2.patch
> - Add GUC to sample config
>
Well that worked.
I made ssl connections to the server using psql and verified it
respected the order of ssl_ciphers. I do not have a client available
with a different view of cipher order so I cannot test that.
--
Adrian Klaver
adrian(dot)klaver(at)gmail(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hannu Krosing | 2013-11-15 22:31:18 | Re: additional json functionality |
| Previous Message | David E. Wheeler | 2013-11-15 22:16:36 | Re: additional json functionality |