| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com> |
| Subject: | Re: Support for NSS as a libpq TLS backend |
| Date: | 2020-10-20 12:24:24 |
| Message-ID: | B1ADEE76-3E33-4E9D-B830-3AA89B1C42D2@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
The attached v12 adds support for pgcrypto as well as pg_strong_random, which I
believe completes the required subsystems where we have OpenSSL support today.
I opted for not adding code to handle the internal shaXXX implementations until
the dust settles around the proposal to change the API there.
Blowfish is not supported by NSS AFAICT, even though the cipher mechanism is
defined, so the internal implementation is used there instead. CAST5 is
supported, but segfaults inside NSS on most inputs so support for that is not
included for now.
cheers ./daniel
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Support-for-NSS-as-a-TLS-backend-v12.patch | application/octet-stream | 197.8 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dilip Kumar | 2020-10-20 12:29:39 | Re: Is Recovery actually paused? |
| Previous Message | Masahiko Sawada | 2020-10-20 12:23:52 | Re: Resetting spilled txn statistics in pg_stat_replication |