Re: [PATCH] Automatic client certificate selection support for libpq v1
| От | Seth Robertson |
|---|---|
| Тема | Re: [PATCH] Automatic client certificate selection support for libpq v1 |
| Дата | |
| Msg-id | 202503312029.52VKTdPA026945@no.baka.org обсуждение исходный текст |
| Ответ на | Re: [PATCH] Automatic client certificate selection support for libpq v1 (Jacob Champion <jacob.champion@enterprisedb.com>) |
| Ответы |
Re: [PATCH] Automatic client certificate selection support for libpq v1
|
| Список | pgsql-hackers |
Yes, at first glance the service file looks like it should work and is
a much more elegant and generic method than my proposed hack. I can't
trivially tell if the ssl configuration aspect of it was available in
8.3/8.4, but that isn't overly relevant since it is certainly
available now.
Thanks!
-Seth Robertson
From: Jacob Champion
Date: Mon, 31 Mar 2025 09:52:49 -0700
To: Seth Robertson,
To: Robin Haberkorn
Subject: Re: [PATCH] Automatic client certificate selection support for libpq v1
On Mon, Mar 31, 2025 at 9:01 AM Seth Robertson
<in-pgsql-hackers@baka.org> wrote:
> Third, the only real use case where this feature would be critical is
> a client which needs to have connections to two different PostgreSQL
> servers at the same time. Those applications are likely fairly rare
> and doing custom programming to support different filenames would
> likely be warranted.
Can this be handled well enough with a service file?
> Given the lack of "me too" or "+1" posts over the past 16 years, I
> suspect there may be features with higher user benefit. I would not
> cry if it gets removed.
Yeah, at least not without a solid use case. (If anyone does feel
motivated to pick it up, be aware of the server-side SNI work [1].
It'd be nice if the two halves were complementary -- or at minimum,
not clashing with each other.)
Thanks!
--Jacob
[1] https://postgr.es/m/1C81CD0D-407E-44F9-833A-DD0331C202E5%40yesql.se
В списке pgsql-hackers по дате отправления: