Re: Support for NSS as a libpq TLS backend

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Jacob Champion <pchampion(at)vmware(dot)com>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "andrew(dot)dunstan(at)2ndquadrant(dot)com" <andrew(dot)dunstan(at)2ndquadrant(dot)com>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de>
Subject: Re: Support for NSS as a libpq TLS backend
Date: 2021-04-05 02:12:22
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Mon, Apr 05, 2021 at 12:13:43AM +0200, Daniel Gustafsson wrote:
> Another rebase to cope with recent changes (hmac, ssl tests etc) that
> conflicted and broke this patchset.

Please find an updated set, v35, attached, and my apologies for
breaking again your patch set. While testing this patch set and
adjusting the SSL tests with HEAD, I have noticed what looks like a
bug with the DN mapping that NSS does not run. The connection strings
are the same in v35 and in v34, with dbname only changing in-between.

Just to be sure, because I could have done something wrong with the
rebase of v35, I have done the same test with v34 applied on top of
dfc843d and things are failing. So it seems to me that there is an
issue with the DN mapping part.

Attachment Content-Type Size
v35-0001-nss-Support-libnss-as-TLS-library-in-libpq.patch text/x-diff 94.1 KB
v35-0002-Refactor-SSL-testharness-for-multiple-library.patch text/x-diff 11.4 KB
v35-0003-nss-Add-NSS-specific-tests.patch text/x-diff 56.6 KB
v35-0004-nss-pg_strong_random-support.patch text/x-diff 2.0 KB
v35-0005-nss-Documentation.patch text/x-diff 33.4 KB
v35-0006-nss-Support-NSS-in-pgcrypto.patch text/x-diff 25.0 KB
v35-0007-nss-Support-NSS-in-sslinfo.patch text/x-diff 3.6 KB
v35-0008-nss-Support-NSS-in-cryptohash.patch text/x-diff 6.1 KB
v35-0009-nss-Build-infrastructure.patch text/x-diff 21.3 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Michael Paquier 2021-04-05 02:20:08 Re: [PATCH] typo fix in collationcmds.c: "if they are distinct"
Previous Message Michael Paquier 2021-04-05 01:36:01 Re: Improve error matching patterns in the SSL tests