Re: Setting min/max TLS protocol in clientside libpq
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Magnus Hagander <magnus@hagander.net>, cary huang <hcary328@gmail.com>, PostgreSQL Developers <pgsql-hackers@lists.postgresql.org>, Daniel Gustafsson <daniel@yesql.se>
Date: 2020-01-07T00:51:08Z
Lists: pgsql-hackers
On Mon, Jan 06, 2020 at 09:37:54AM -0500, Tom Lane wrote: > Magnus Hagander <magnus@hagander.net> writes: >> Not having thought about it in much detail, but it's a fairly common >> scenario to have a much newer version of libpq (and the platform it's >> built on) than the server. E.g. a v12 libpq against a v9.6 postgres >> server is very common. For example, debian based systems will >> auto-upgrade your libpq, but not your server (for obvious reasons). >> And it's also quite common to upgrade platforms for the application >> much more frequently than the database server platform. > > Yeah, there's a reason why we expect pg_dump and psql to function with > ancient server versions. We shouldn't break this scenario with > careless rejiggering of libpq's connection defaults. Good points. Let's not do that then. -- Michael
Commits
-
Rename connection parameters to control min/max SSL protocol version in libpq
- 401aad67045b 13.0 landed
-
Add connection parameters to control SSL protocol min/max in libpq
- ff8ca5fadd81 13.0 landed
-
Move OpenSSL routines for min/max protocol setting to src/common/
- f7cd5896a696 13.0 landed