Home > mailing lists

Re: SSL SNI - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: SSL SNI
Date	June 3, 2021 20:52:41
Msg-id	14840.1622742761@sss.pgh.pa.us Whole thread Raw
In response to	Re: SSL SNI (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: SSL SNI
List	pgsql-hackers

Tree view

I wrote:
> Jacob Champion <pchampion@vmware.com> writes:
>> It looks like this code needs some guards for a NULL conn->pghost. For example when running
>> psql 'dbname=postgres sslmode=require hostaddr=127.0.0.1'
>> with no PGHOST in the environment, psql is currently segfaulting for
>> me.

> Duplicated here:

It looks like the immediate problem can be resolved by just adding
a check for conn->pghost not being NULL, since the comment above
says

     * Per RFC 6066, do not set it if the host is a literal IP address (IPv4
     * or IPv6).

and having only hostaddr certainly fits that case.  But I didn't
check to see if any more problems arise later.

            regards, tom lane

pgsql-hackers by date:

From: Daniel Gustafsson
Date: 03 June 2021, 20:47:45
Subject: Re: Support for NSS as a libpq TLS backend

From: Jeff Davis
Date: 03 June 2021, 21:02:56
Subject: Re: BUG #16079: Question Regarding the BUG #16064

Re: SSL SNI - Mailing list pgsql-hackers

Previous

Next