| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Graham Leggett <minfrin(at)sharp(dot)fm> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [Patch] Log SSL certificate verification errors |
| Date: | 2017-11-11 04:23:48 |
| Message-ID: | CAB7nPqSSMiH-G4bsbXu6rY6z6JgXAa5995Wv5S7OJis8t27C0A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, Nov 11, 2017 at 3:34 AM, Graham Leggett <minfrin(at)sharp(dot)fm> wrote:
> Currently neither the server side nor the client side SSL certificate verify callback does anything, leading to potential hair-tearing-out moments.
>
> The following patch to master implements logging of all certificate verification failures, as well as (crucially) which certificates failed to verify, and at what depth, so the admin can zoom in straight onto the problem without any guessing.
Could you attach as a file to this thread a patch that can be easily
applied? Using git --format-patch or simply diff is just fine.
Here are also some community guidelines on the matter:
https://wiki.postgresql.org/wiki/Submitting_a_Patch
And if you are looking for feedback, you should register it to the
next commit fest:
https://commitfest.postgresql.org/16/
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2017-11-11 08:48:42 | Re: [PATCH] A hook for session start |
| Previous Message | Michael Paquier | 2017-11-11 00:04:21 | Re: pg_upgrade to clusters with a different WAL segment size |