Re: Setting min/max TLS protocol in clientside libpq
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Magnus Hagander <magnus@hagander.net>
Cc: Michael Paquier <michael@paquier.xyz>, cary huang <hcary328@gmail.com>,
PostgreSQL Developers <pgsql-hackers@lists.postgresql.org>,
Daniel Gustafsson <daniel@yesql.se>
Date: 2020-01-06T14:37:54Z
Lists: pgsql-hackers
Magnus Hagander <magnus@hagander.net> writes: > Not having thought about it in much detail, but it's a fairly common > scenario to have a much newer version of libpq (and the platform it's > built on) than the server. E.g. a v12 libpq against a v9.6 postgres > server is very common. For example, debian based systems will > auto-upgrade your libpq, but not your server (for obvious reasons). > And it's also quite common to upgrade platforms for the application > much more frequently than the database server platform. Yeah, there's a reason why we expect pg_dump and psql to function with ancient server versions. We shouldn't break this scenario with careless rejiggering of libpq's connection defaults. regards, tom lane
Commits
-
Rename connection parameters to control min/max SSL protocol version in libpq
- 401aad67045b 13.0 landed
-
Add connection parameters to control SSL protocol min/max in libpq
- ff8ca5fadd81 13.0 landed
-
Move OpenSSL routines for min/max protocol setting to src/common/
- f7cd5896a696 13.0 landed