Re: Setting min/max TLS protocol in clientside libpq
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Michael Paquier <michael@paquier.xyz>
Cc: Tom Lane <tgl@sss.pgh.pa.us>,
cary huang <hcary328@gmail.com>,
pgsql-hackers@lists.postgresql.org
Date: 2020-01-24T11:19:31Z
Lists: pgsql-hackers
Attachments
- libpq_minmaxproto_v5.patch (application/octet-stream) patch v5
> On 17 Jan 2020, at 03:38, Michael Paquier <michael@paquier.xyz> wrote: > > On Fri, Jan 17, 2020 at 10:09:54AM +0900, Michael Paquier wrote: >> Could you please rebase and fix the remaining pieces of the patch? > > And while I remember, you may want to add checks for incorrect bounds > when validating the values in fe-connect.c... The same arguments as > for the backend part apply because we'd want to make the > implementation a maximum pluggable with all SSL libraries. Agreed. Attached is a v5 of the patch which hopefully address all the comments raised, sorry for the delay. cheers ./daniel
Commits
-
Rename connection parameters to control min/max SSL protocol version in libpq
- 401aad67045b 13.0 landed
-
Add connection parameters to control SSL protocol min/max in libpq
- ff8ca5fadd81 13.0 landed
-
Move OpenSSL routines for min/max protocol setting to src/common/
- f7cd5896a696 13.0 landed