|From:||Daniel Gustafsson <daniel(at)yesql(dot)se>|
|To:||Michael Paquier <michael(at)paquier(dot)xyz>|
|Cc:||cary huang <hcary328(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org|
|Subject:||Re: Setting min/max TLS protocol in clientside libpq|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
> On 11 Jan 2020, at 03:49, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
> Hmmmmeuh. It would be perfect to rely only on OpenSSL for that part
> to bring some sanity, and compare the results fetched from the SSL
> context so as we don't have to worry about special cases in with the
> GUC reload if the parameter is not set, or the parameter value is not
I'm not convinced about this, but since there is a thread opened for discussing
the range check let's take it over there.
> Daniel, are you planning to start a new thread?
I was going to, but you beat me to it =)
>> One thing I noticed when looking at it is that we now have sha2_openssl.c and
>> openssl_protocol.c in src/common. For easier visual grouping of OpenSSL
>> functionality, it makes sense to me to rename sha2_openssl.c to openssl_sha2.c,
>> but that might just be pointless churn.
> Databases like consistency, and so do I, so no issues from me to do a
> rename of the sha2.c file. That makes sense with the addition of the
> new file.
Done in the attached v3.
|Next Message||Daniel Verite||2020-01-14 14:37:21||Re: Making psql error out on output failures|
|Previous Message||Konstantin Knizhnik||2020-01-14 14:18:31||Create/alter policy and exclusive table lock|