| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Andreas Karlsson <andreas(at)proxel(dot)se>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] GnuTLS support |
| Date: | 2018-06-27 06:17:05 |
| Message-ID: | 503af60d-e183-5c01-f105-627fa7de148d@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 3/8/18 20:13, Peter Eisentraut wrote:
> In the thread about Secure Transport we agreed to move the consideration
> of new SSL libraries to PG12.
>
> Here is my current patch, after all the refactorings.
>
> The status is that it works fine and could be used.
>
> There are two failures in the SSL tests that I cannot explain. The
> tests are for some rather obscure configurations, so the changed
> behaviors are not obviously wrong, perhaps legitimate implementation
> differences. But someone wrote those tests with a purpose (probably),
> so we should have some kind of explanation for the regressions.
>
> Other non-critical, nice-to-have issues:
>
> - Do something about sslinfo, perhaps fold into pg_stat_ssl view.
> - Do something about pgcrypto.
> - Add tests for load_dh_file().
> - Implement channel binding tls-server-end-point.
Also, ...
- Add ssl_passphrase_command support.
I'm moving this patch forward to CF 2018-09, since it's not going to be
ready for -07, and we're still whacking around some channel binding
details, which would potentially interfere with this patch.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2018-06-27 06:20:21 | commitfest app moving patch error |
| Previous Message | Jeevan Chalke | 2018-06-27 06:13:59 | Re: Server crashed with TRAP: FailedAssertion("!(parallel_workers > 0)" when partitionwise_aggregate true. |