Re: Postgres and TLSv1.2
| От | Jan Bilek |
|---|---|
| Тема | Re: Postgres and TLSv1.2 |
| Дата | |
| Msg-id | 555E7D23.8070201@eftlab.co.uk обсуждение исходный текст |
| Ответ на | Re: Postgres and TLSv1.2 (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On 22/05/15 10:45, Tom Lane wrote: > I wrote: >> I think this was probably a mistake. I suggest that in the back branches >> we should leave the server alone (rejecting SSL v3 might annoy somebody >> using old non-libpq clients) but adjust libpq to use SSLv23_method() plus >> SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3. IOW, back-patch 820f08cabdcbb899, >> though perhaps also the comment adjustments in 326e1d73c476a0b5. >> This would have the effect of allowing libpq to use TLS-anything, not only >> TLSv1 which is what it's been requiring since 7.3.2. > Done at > http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c6b7b9a9cef1253ad12122959d0e78f62d8aee1f > > This is too late for tomorrow's releases, but it will be in the next minor > releases --- or if you're in a hurry, you could apply that patch locally. > > regards, tom lane This is excellent! Thank you! Kind Regards, Jan
В списке pgsql-hackers по дате отправления: