SSL compression info in psql header

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: SSL compression info in psql header
Date: 2014-07-12 12:49:49
Message-ID: CABUevEx_zFETGdMjar-Dk3JM6k6q7kf3ks254bCo5Vhe22ZdMg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

It's today really hard to figure out if your SSL connection is
actually *using* SSL compression. This got extra hard when we the
default value started getting influenced by environment variables at
least on many platforms after the crime attacks. ISTM we should be
making this easier for the user.

Attached patch adds compression info at least to the header of the
psql banner, as that's very non-intrusive. I think this is a small
enough change, yet very useful, that we should squeeze it into 9.4
before the next beta. Not sure if it can be qualified enough of a bug
to backpatch further than that though.

As far as my research shows, the function
SSL_get_current_compression() which it uses was added in OpenSSL
0.9.6, which is a long time ago (stopped being maintained in 2004).
AFAICT even RHEL *3* shipped with 0.9.7. So I think we can safely rely
on it, especially since we only check for whether it returns NULL or
not.

Comments?

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/

Attachment Content-Type Size
psql_sslcompress.patch text/x-patch 628 bytes

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Magnus Hagander 2014-07-12 13:08:01 SSL information view
Previous Message Magnus Hagander 2014-07-12 12:23:34 Re: Missing autocomplete for CREATE DATABASE