| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Andres Freund <andres(at)anarazel(dot)de>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Marko Kreen <markokr(at)gmail(dot)com>, Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Subject: | Re: ecdh support causes unnecessary roundtrips |
| Date: | 2026-02-13 22:32:18 |
| Message-ID: | 5C2F5B2D-23B5-44C0-96D2-D57781F18FE2@yesql.se |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>> Maybe we can create a lightweight throw-away context in a check hook and ensure
>> the settings work?
>
> Yeah, I was envisioning something like that. The main trick would be
> to ensure that we can't error out, but given that we'd mostly be
> calling OpenSSL code, ensuring that there's no ereport(ERROR)
> shouldn't be too hard.
This is sort being added as already as part of the SNI patchset, so I'll see if
I can steal something from there in case that seems to miss the v19 train.
> But I'd counsel getting the easy bits (1) and (2) out of the way
> first.
Absolutely, the attached is what I had planned for addressing this.
--
Daniel Gustafsson
| Attachment | Content-Type | Size |
|---|---|---|
| 0002-doc-Add-note-to-ssl_group-config-on-X25519-and-FIPS.patch | application/octet-stream | 1.3 KB |
| 0001-Avoid-using-the-X25519-curve-in-ssl-tests.patch | application/octet-stream | 1.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2026-02-13 23:09:25 | Re: Speed up COPY FROM text/CSV parsing using SIMD |
| Previous Message | Andres Freund | 2026-02-13 22:14:01 | pgstat include expansion |