Re: Add support to TLS 1.3 cipher suites and curves lists
Peter Eisentraut <peter@eisentraut.org>
From: Peter Eisentraut <peter@eisentraut.org>
To: Daniel Gustafsson <daniel@yesql.se>,
Jacob Champion <jacob.champion@enterprisedb.com>
Cc: Erica Zhang <ericazhangy2021@qq.com>, Andres Freund <andres@anarazel.de>,
Jelte Fennema-Nio <postgres@jeltef.nl>,
pgsql-hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-10-14T13:08:32Z
Lists: pgsql-hackers
On 26.09.24 11:01, Daniel Gustafsson wrote:
> Attached is a v7 which address a test failure in the CI. It turns out that the
> test_misc module gather GUC names using the :alpha: character class which only
> allows alphabetic whereas GUC names can have digits in them. The 0001 patch
> fixes this by instead using the :alnum: character class which allows all
> alphanumeric characters. This is not directly related to this patch, it just
> happened to be exposed by it.
If we are raising the minimum version to OpenSSL 1.1.1, couldn't we then
remove the version check introduced by commit c3333dbc0c0 ("Only perform
pg_strong_random init when required")?
FWIW, these patches generally look okay to me. I haven't done much
in-depth checking, but overall everything looks sensible. I think Jacob
already provided more in-depth reviews, but let me know if you need
anything else on this.
Commits
-
Handle alphanumeric characters in matching GUC names
- f81855171f95 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 cited