Re: Support for NSS as a libpq TLS backend

From: Jacob Champion <pchampion(at)vmware(dot)com>
To: "daniel(at)yesql(dot)se" <daniel(at)yesql(dot)se>
Cc: "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>
Subject: Re: Support for NSS as a libpq TLS backend
Date: 2021-02-17 22:02:38
Message-ID: 78ae2dcf73f64b95a62813ebe5a8f4e1ce681b7f.camel@vmware.com
Lists: pgsql-hackers

On Wed, 2021-02-17 at 22:19 +0100, Daniel Gustafsson wrote:
> > On 17 Feb 2021, at 02:02, Jacob Champion <pchampion(at)vmware(dot)com> wrote:
> > Would that be desirable, or do we want this interface to be something
> > more generally compatible with (some as-of-yet unspecified) spec?
>
> Regardless of approach taken I think this sounds like something that should be
> tackled in a follow-up patch if the NSS patch is merged - and probably only as
> a follow-up to a patch that adds test coverage to sslinfo.

Sounds good, and +1 to adding coverage at the same time.

> From the sounds of
> things we may not be able to guarantee stability across OpenSSL versions as it
> is right now?

Yeah. I was going to write that OpenSSL would be unlikely to change
these once they're added for the first time, but after checking GitHub
it looks like they have done so recently [1], as part of a patch
release no less.

--Jacob

[1] https://github.com/openssl/openssl/pull/10029
