Home > mailing lists

Re: Review:Patch: SSL: prefer server cipher order - Mailing list pgsql-hackers

From	Adrian Klaver
Subject	Re: Review:Patch: SSL: prefer server cipher order
Date	November 15, 2013 22:17:03
Msg-id	52869D54.1010307@gmail.com Whole thread Raw
In response to	Re: Review:Patch: SSL: prefer server cipher order (Marko Kreen <markokr@gmail.com>)
Responses	Re: Review:Patch: SSL: prefer server cipher order
List	pgsql-hackers

Tree view

On 11/15/2013 11:49 AM, Marko Kreen wrote:
> On Fri, Nov 15, 2013 at 11:16:25AM -0800, Adrian Klaver wrote:
>> The description of the GUCs show up in the documentation but I am
>> not seeing the GUCs themselves in postgresql.conf, so I could test
>> no further. It is entirely possible I am missing a step and would
>> appreciate enlightenment.
>
> Sorry, I forgot to update sample config.
>
> ssl-prefer-server-cipher-order-v2.patch
> - Add GUC to sample config
> - Change default value to 'true', per comments from Alvaro and Magnus.
>
> ssl-ecdh-v2.patch
> - Add GUC to sample config
>

Well that worked.
I made ssl connections to the server using psql and verified it 
respected the order of ssl_ciphers. I do not have a client available 
with a different view of cipher order so I cannot test that.

-- 
Adrian Klaver
adrian.klaver@gmail.com

pgsql-hackers by date:

From: "David E. Wheeler"
Date: 15 November 2013, 22:16:51
Subject: Re: additional json functionality

From: Hannu Krosing
Date: 15 November 2013, 22:33:24
Subject: Re: additional json functionality

Re: Review:Patch: SSL: prefer server cipher order - Mailing list pgsql-hackers

Previous

Next