Re: [HACKERS] libpq connection strings: control over the cipher suites?

Поиск
Список
Период
Сортировка
От Michael Paquier
Тема Re: [HACKERS] libpq connection strings: control over the cipher suites?
Дата
Msg-id CAB7nPqS0Z36nEc0qqgC8JWdUDQew5fR05QaLvx9yWNteKdGb1Q@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [HACKERS] libpq connection strings: control over the ciphersuites?  (Joe Conway <mail@joeconway.com>)
Ответы Re: [HACKERS] libpq connection strings: control over the ciphersuites?
Список pgsql-hackers
Дерево обсуждения 
On Fri, Nov 10, 2017 at 2:53 AM, Joe Conway <mail@joeconway.com> wrote:
> On 11/09/2017 03:27 AM, Graham Leggett wrote:
>> Is there a parameter or mechanism for setting the required ssl cipher list from the client side?
>
> I don't believe so. That is controlled by ssl_ciphers, which requires a
> restart in order to change.
>
> https://www.postgresql.org/docs/10/static/runtime-config-connection.html#GUC-SSL-CIPHERS

Since commit de41869 present in v10, SSL parameters can be reloaded.
On libpq there is only an API to have a look at what are the ciphers
set by the server via PQsslAttribute().
-- 
Michael


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Michael Paquier
Дата:
Сообщение: Re: [HACKERS] Simplify ACL handling for large objects and removal ofsuperuser() checks
Следующее
От: Tom Lane
Дата:
Сообщение: Re: [HACKERS] Simplify ACL handling for large objects and removal of superuser() checks