Re: SSL compression info in psql header
| От | Magnus Hagander |
|---|---|
| Тема | Re: SSL compression info in psql header |
| Дата | |
| Msg-id | CABUevEy2OjjPfz8WrsE6CY5GxJP2YVPR5FfwVg8D7tkf4DZi5Q@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: SSL compression info in psql header (Robert Haas <robertmhaas@gmail.com>) |
| Список | pgsql-hackers |
On Tue, Jul 15, 2014 at 1:08 AM, Robert Haas <robertmhaas@gmail.com> wrote: > On Sat, Jul 12, 2014 at 8:49 AM, Magnus Hagander <magnus@hagander.net> wrote: >> It's today really hard to figure out if your SSL connection is >> actually *using* SSL compression. This got extra hard when we the >> default value started getting influenced by environment variables at >> least on many platforms after the crime attacks. ISTM we should be >> making this easier for the user. >> >> Attached patch adds compression info at least to the header of the >> psql banner, as that's very non-intrusive. I think this is a small >> enough change, yet very useful, that we should squeeze it into 9.4 >> before the next beta. Not sure if it can be qualified enough of a bug >> to backpatch further than that though. >> >> As far as my research shows, the function >> SSL_get_current_compression() which it uses was added in OpenSSL >> 0.9.6, which is a long time ago (stopped being maintained in 2004). >> AFAICT even RHEL *3* shipped with 0.9.7. So I think we can safely rely >> on it, especially since we only check for whether it returns NULL or >> not. >> >> Comments? > > Seems like a fine change. I think it would be OK to slip it into 9.4, > too, but I don't think we should back-patch it further than that. Applied and backpatched to 9.4. I also included updating the similar row that goes in the server log (new as of 9.4) to include it, for consistency. -- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/
В списке pgsql-hackers по дате отправления: