Re: Add support to TLS 1.3 cipher suites and curves lists
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Peter Eisentraut <peter@eisentraut.org>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>,
Erica Zhang <ericazhangy2021@qq.com>,
Andres Freund <andres@anarazel.de>,
Jelte Fennema-Nio <postgres@jeltef.nl>,
pgsql-hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-10-15T10:42:39Z
Lists: pgsql-hackers
> On 14 Oct 2024, at 15:08, Peter Eisentraut <peter@eisentraut.org> wrote:
>
> On 26.09.24 11:01, Daniel Gustafsson wrote:
>> Attached is a v7 which address a test failure in the CI. It turns out that the
>> test_misc module gather GUC names using the :alpha: character class which only
>> allows alphabetic whereas GUC names can have digits in them. The 0001 patch
>> fixes this by instead using the :alnum: character class which allows all
>> alphanumeric characters. This is not directly related to this patch, it just
>> happened to be exposed by it.
>
> If we are raising the minimum version to OpenSSL 1.1.1, couldn't we then remove the version check introduced by commit c3333dbc0c0 ("Only perform pg_strong_random init when required")?
That's a very good point, I've done this in the v8 attached just upthread.
> FWIW, these patches generally look okay to me. I haven't done much in-depth checking, but overall everything looks sensible. I think Jacob already provided more in-depth reviews, but let me know if you need anything else on this.
Thanks! I think the v8 posted todays is about ready to go in and unless there
are objections I'll go ahead with it shortly.
--
Daniel Gustafsson
Commits
-
Handle alphanumeric characters in matching GUC names
- f81855171f95 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 cited