Home > mailing lists

Re: Direct SSL connection with ALPN and HBA rules - Mailing list pgsql-hackers

From	Heikki Linnakangas
Subject	Re: Direct SSL connection with ALPN and HBA rules
Date	May 13 17:54:30
Msg-id	0b42d924-1740-41c4-a628-3e2211e6bbc4@iki.fi Whole thread Raw
In response to	Re: Direct SSL connection with ALPN and HBA rules (Jelte Fennema-Nio <postgres@jeltef.nl>)
List	pgsql-hackers

Tree view

On 13/05/2024 16:55, Jelte Fennema-Nio wrote:
> On Mon, 13 May 2024 at 15:38, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>> Here's a patch to implement that.
> 
> +       if (conn->sslnegotiation[0] == 'd' &&
> +           conn->sslmode[0] != 'r' && conn->sslmode[0] != 'v')
> 
> I think these checks should use strcmp instead of checking magic first
> characters. I see this same clever trick is used in the recently added
> init_allowed_encryption_methods, and I think that should be changed to
> use strcmp too for readability.

Oh yeah, I hate that too. These should be refactored into enums, with a 
clear separate stage of parsing the options from strings. But we use 
that pattern all over the place, so I didn't want to start reforming it 
with this patch.

-- 
Heikki Linnakangas
Neon (https://neon.tech)

pgsql-hackers by date:

From: Matthias van de Meent
Date: 13 May, 17:52:49
Subject: Re: WAL_LOG CREATE DATABASE strategy broken for non-standard page layouts

From: Robert Haas
Date: 13 May, 18:14:42
Subject: Re: cataloguing NOT NULL constraints

Re: Direct SSL connection with ALPN and HBA rules - Mailing list pgsql-hackers

Previous

Next