On Sat, Nov 16, 2013 at 01:03:05PM -0800, Adrian Klaver wrote:
> On 11/16/2013 12:37 PM, Marko Kreen wrote:
> >Thanks for testing!
> >
> >On Sat, Nov 16, 2013 at 12:17:40PM -0800, Adrian Klaver wrote:
> >>On 11/16/2013 06:24 AM, Marko Kreen wrote:
> >>>ssl-better-default:
> >>> SSL should stay working, openssl ciphers -v 'value' should not contain
> >>> any weak suites (RC4, SEED, DES-CBC, EXP, NULL) and no non-authenticated
> >>> suites (ADH/AECDH).
> >>
> >>Not sure about the above, if it is a GUC I can't find it. If it is
> >>something else than I will have to plead ignorance.
> >
> >The patch just changes the default value for 'ssl_ciphers' GUC.
>
> I am still not sure what patch you are talking about. The two
> patches I saw where for server_prefer and ECDH key exchange.
>
> >
> >The question is if the value works at all, and is good.
> >
>
> What value would we be talking about?
Ah, sorry. It's this one:
https://commitfest.postgresql.org/action/patch_view?id=1310
> Note: I have been working through a head cold and thought processes
> are sluggish, handle accordingly:)
Get better soon! :)
--
marko