| From: | Dave Cramer <pg(at)fastcrypt(dot)com> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Postgres hackers <pgsql-hackers(at)postgresql(dot)org>, sfackler(at)gmail(dot)com, Peter Eisentraut <peter_e(at)gmx(dot)net>, Alvaro Hernandez <aht(at)ongres(dot)com> |
| Subject: | Re: Supporting tls-server-end-point as SCRAM channel binding for OpenSSL 1.0.0 and 1.0.1 |
| Date: | 2018-06-24 17:49:43 |
| Message-ID: | CADK3HH+H=DkwM_vdjAk7jESwV5Y4FNK=Wfyoq7apDVRkvk9Mug@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 29 May 2018 at 22:48, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
> On Tue, May 29, 2018 at 10:33:03PM -0400, Heikki Linnakangas wrote:
> > Hmm. I think Peter went through this in commits ac3ff8b1d8 and
> 054e8c6cdb.
> > If you got that working now, I suppose we could do that, but I'm actually
> > inclined to just stick to the current, more straightforward code, and
> > require OpenSSL 1.0.2 for this feature. OpenSSL 1.0.2 has been around for
> > several years now. It's not available on all the popular platforms and
> > distributions yet, but I don't want to bend over backwards to support
> those.
>
> I think that this mainly boils down to how much Postgres JDBC wants to
> get support here as some vendors can maintain oldest versions of OpenSSL
> for a long time. The extra code is not that much complicated by the
> way, still it is true that HEAD is cleaner with its simplicity.
>
>
I'm unclear what this has to do with JDBC ? JDBC doesn't use OpenSSL
Alvaro ?
Dave Cramer
davec(at)postgresintl(dot)com
www.postgresintl.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vik Fearing | 2018-06-24 18:41:11 | Re: New GUC to sample log queries |
| Previous Message | Tomas Vondra | 2018-06-24 16:42:55 | Re: Using JSONB directly from application |