Re: Serverside SNI support in libpq
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Michael Paquier <michael@paquier.xyz>
Cc: Andres Freund <andres@anarazel.de>,
Jacob Champion <jacob.champion@enterprisedb.com>,
Pgsql Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2025-09-02T12:48:43Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
ssl: Serverside SNI support for libpq
- 4f433025f666 19 (unreleased) landed
-
ssl: Add tests for client CA
- 25e568ba7ce7 19 (unreleased) landed
> On 1 Sep 2025, at 03:58, Michael Paquier <michael@paquier.xyz> wrote: > > On Wed, Aug 27, 2025 at 09:49:34PM +0200, Daniel Gustafsson wrote: >> When looking into why the SNI tests failed on Windows I think I found a >> pre-existing issue that we didn't have tests for, which my patch added tests >> for and thus broke. >> >> The test I added was to check restarting and reloading with ssl passphrase >> commands (which we do have testcoverage for) with a subsequent connection test >> to ensure it didn't just work to start the cluster. > > Would this part be better if extracted from the main patch and then > backpatched? Even if not backpatched, a split would be cleaner on > HEAD, I assume, leading to less fuzz with the main patch. Yes, that's my plan, just wanted to float it here first to see if I was thinking about it all wrong. I will raise it on its own thread on -hackers. The backpatchable portion is probably limited to a docs entry clarifying the behaviour on Windows. -- Daniel Gustafsson