Re: Support for NSS as a libpq TLS backend

Поиск
Список
Период
Сортировка
От Daniel Gustafsson
Тема Re: Support for NSS as a libpq TLS backend
Дата
Msg-id A89F3823-40BD-4469-AFA8-819C20C0B24D@yesql.se
обсуждение исходный текст
Ответ на Re: Support for NSS as a libpq TLS backend  (Jacob Champion <pchampion@vmware.com>)
Ответы Re: Support for NSS as a libpq TLS backend
Re: Support for NSS as a libpq TLS backend
Список pgsql-hackers
Дерево обсуждения 
> On 19 Jul 2021, at 21:33, Jacob Champion <pchampion@vmware.com> wrote:

> ..client connections will crash if
> hostaddr is provided rather than host, because SSL_SetURL can't handle
> a NULL argument. I'm running with 0002 to fix it for the moment, but
> I'm not sure yet if it does the right thing for IP addresses, which the
> OpenSSL side has a special case for.

AFAICT the idea is to handle it in the cert auth callback, so I've added some
PoC code to check for sslsni there and updated the TODO comment to reflect
that.

I've applied your patches in the attached rebase which passes all tests for me.

--
Daniel Gustafsson        https://vmware.com/
Вложения

В списке pgsql-hackers по дате отправления:

Предыдущее
От: John Naylor
Дата:
Сообщение: Re: speed up verifying UTF-8
Следующее
От: Robert Haas
Дата:
Сообщение: Re: .ready and .done files considered harmful