| From: | Greg Stark <stark(at)mit(dot)edu> |
|---|---|
| To: | Vladimir Sitnikov <sitnikov(dot)vladimir(at)gmail(dot)com> |
| Cc: | Andrey Borodin <amborodin86(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Experiments with Postgres and SSL |
| Date: | 2023-03-20 20:31:03 |
| Message-ID: | CAM-w4HP7ymHk8mrA8ZdcJSMXSx6hg+pHd6hUFrdup-awkjW=Ug@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Here's a first cut at ALPN support.
Currently it's using a hard coded "Postgres/3.0" protocol (hard coded
both in the client and the server...). And it's hard coded to be
required for direct connections and supported but not required for
regular connections.
IIRC I put a variable labeled a "GUC" but forgot to actually make it a
GUC. But I'm thinking of maybe removing that variable since I don't
see much of a use case for controlling this manually. I *think* ALPN
is supported by all the versions of OpenSSL we support.
The other patches are unchanged (modulo a free() that I missed in the
client before). They still have the semi-open issues I mentioned in
the previous email.
--
greg
| Attachment | Content-Type | Size |
|---|---|---|
| v3-0004-alpn-support.patch | text/x-patch | 10.9 KB |
| v3-0001-Direct-SSL-connections-postmaster-support.patch | text/x-patch | 9.3 KB |
| v3-0002-Direct-SSL-connections-client-support.patch | text/x-patch | 7.3 KB |
| v3-0003-Direct-SSL-connections-documentation.patch | text/x-patch | 6.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2023-03-20 20:34:26 | Re: Commitfest 2023-03 starting tomorrow! |
| Previous Message | Greg Stark | 2023-03-20 20:22:18 | Re: Commitfest 2023-03 starting tomorrow! |