Quick Links

Re: Support for NSS as a libpq TLS backend

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	Jacob Champion <pchampion(at)vmware(dot)com>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "andrew(dot)dunstan(at)2ndquadrant(dot)com" <andrew(dot)dunstan(at)2ndquadrant(dot)com>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "michael(at)paquier(dot)xyz" <michael(at)paquier(dot)xyz>, "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de>
Subject:	Re: Support for NSS as a libpq TLS backend
Date:	2021-05-28 09:04:12
Message-ID:	F1975F74-DC71-4036-99B4-CBB2D5085EB4@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Attached is a rebase to keep bitrot at bay. On top rebasing and smaller fixes
in comments etc, this version fixes/adds a number things:

* Performs DN resolution to support the DN mapping
* Locks the SECMOD parts and PR_Init call in the frontend as per Jacobs
findings upthread
* Properly set the tokenname of the database to avoid ambigious lookups in case
multiple databases are loaded (a better name to ensure uniqueness is a TODO)
* Adds a test for certificate lookup without sslcert set

Attachment	Content-Type	Size
v36-0009-nss-Build-infrastructure.patch	application/octet-stream	21.4 KB
v36-0008-nss-Support-NSS-in-cryptohash.patch	application/octet-stream	6.1 KB
v36-0007-nss-Support-NSS-in-sslinfo.patch	application/octet-stream	3.6 KB
v36-0006-nss-Support-NSS-in-pgcrypto.patch	application/octet-stream	24.9 KB
v36-0005-nss-Documentation.patch	application/octet-stream	33.4 KB
v36-0004-nss-pg_strong_random-support.patch	application/octet-stream	2.0 KB
v36-0003-nss-Add-NSS-specific-tests.patch	application/octet-stream	57.8 KB
v36-0002-Refactor-SSL-testharness-for-multiple-library.patch	application/octet-stream	11.5 KB
v36-0001-nss-Support-libnss-as-TLS-library-in-libpq.patch	application/octet-stream	98.5 KB

In response to

Re: Support for NSS as a libpq TLS backend at 2021-05-27 20:31:07 from Daniel Gustafsson

Responses

Re: Support for NSS as a libpq TLS backend at 2021-06-14 22:15:47 from Jacob Champion

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tomas Vondra	2021-05-28 10:35:34	Re: Add ZSON extension to /contrib/
Previous Message	houzj.fnst@fujitsu.com	2021-05-28 08:47:01	RE: Parallel Inserts in CREATE TABLE AS