On Sat, Jul 12, 2014 at 8:49 AM, Magnus Hagander <magnus@hagander.net> wrote:
> It's today really hard to figure out if your SSL connection is
> actually *using* SSL compression. This got extra hard when we the
> default value started getting influenced by environment variables at
> least on many platforms after the crime attacks. ISTM we should be
> making this easier for the user.
>
> Attached patch adds compression info at least to the header of the
> psql banner, as that's very non-intrusive. I think this is a small
> enough change, yet very useful, that we should squeeze it into 9.4
> before the next beta. Not sure if it can be qualified enough of a bug
> to backpatch further than that though.
>
> As far as my research shows, the function
> SSL_get_current_compression() which it uses was added in OpenSSL
> 0.9.6, which is a long time ago (stopped being maintained in 2004).
> AFAICT even RHEL *3* shipped with 0.9.7. So I think we can safely rely
> on it, especially since we only check for whether it returns NULL or
> not.
>
> Comments?
Seems like a fine change. I think it would be OK to slip it into 9.4,
too, but I don't think we should back-patch it further than that.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
