On Tue, Jul 15, 2014 at 1:08 AM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Sat, Jul 12, 2014 at 8:49 AM, Magnus Hagander <magnus@hagander.net> wrote:
>> It's today really hard to figure out if your SSL connection is
>> actually *using* SSL compression. This got extra hard when we the
>> default value started getting influenced by environment variables at
>> least on many platforms after the crime attacks. ISTM we should be
>> making this easier for the user.
>>
>> Attached patch adds compression info at least to the header of the
>> psql banner, as that's very non-intrusive. I think this is a small
>> enough change, yet very useful, that we should squeeze it into 9.4
>> before the next beta. Not sure if it can be qualified enough of a bug
>> to backpatch further than that though.
>>
>> As far as my research shows, the function
>> SSL_get_current_compression() which it uses was added in OpenSSL
>> 0.9.6, which is a long time ago (stopped being maintained in 2004).
>> AFAICT even RHEL *3* shipped with 0.9.7. So I think we can safely rely
>> on it, especially since we only check for whether it returns NULL or
>> not.
>>
>> Comments?
>
> Seems like a fine change. I think it would be OK to slip it into 9.4,
> too, but I don't think we should back-patch it further than that.
Applied and backpatched to 9.4. I also included updating the similar
row that goes in the server log (new as of 9.4) to include it, for
consistency.
-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/