Re: Serverside SNI support in libpq
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Jacob Champion <jacob.champion@enterprisedb.com>
Cc: Zsolt Parragi <zsolt.parragi@percona.com>,
Jelte Fennema-Nio <postgres@jeltef.nl>,
Heikki Linnakangas <hlinnaka@iki.fi>,
Dewei Dai <daidewei1970@163.com>,
"li.evan.chao" <li.evan.chao@gmail.com>,
Michael Paquier <michael@paquier.xyz>,
Andres Freund <andres@anarazel.de>,
Pgsql Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2026-03-18T14:25:13Z
Lists: pgsql-hackers
Attachments
- bf_fixes.diff (application/octet-stream) patch
> On 18 Mar 2026, at 14:01, Jacob Champion <jacob.champion@enterprisedb.com> wrote: > > On Wed, Mar 18, 2026 at 5:19 AM Daniel Gustafsson <daniel@yesql.se> wrote: >> longfin has so far reported a test failure which I am looking into. > > I took a quick look at culicidae and I think that's just due to the > use of EXEC_BACKEND. Rather than $windows_os the SKIP logic should > probably use something like 001_server's $exec_backend. That's a bit embarrassing, I spent some time investigating passphrase reloading under EXEC_BACKEND as part of this patchset.. The longfin issue is a bit more odd, I can reproduce it on macOS with OpenSSL 1.1.1 but nowhere else. Rather than reporting an SSL error for aborted handshake it reports a SYSCALL error. Using SYSCALL error for when the server close the connection abruptly is documented, but not really this case where it does so with no error codes at all (which given OpenSSL documentation doesn't really say much..). The change in the attached diff does fix it for me but I'm a bit hesitant to apply something like that, I would be more inclined to the change the expected output in the test. What are your thoughts? -- Daniel Gustafsson
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Declare load_hosts() as returning HostsFileLoadResult.
- 93da29736649 19 (unreleased) landed
-
ssl: Skip passphrase reload tests in EXEC_BACKEND builds
- e87ab5049deb 19 (unreleased) landed
-
ssl: Serverside SNI support for libpq
- 4f433025f666 19 (unreleased) landed
-
ssl: Add tests for client CA
- 25e568ba7ce7 19 (unreleased) landed