> On 25 Jul 2024, at 19:51, Jacob Champion <jacob.champ...@enterprisedb.com> 
> wrote:

The attached rebased version adds proper list reset, a couple of bugfixes
around cert loading and the ability to set ssl_passphrase_command (and reload)
in the hosts file.

> Matt Caswell appears to be convinced that SSL_set_SSL_CTX() is
> fundamentally broken. So it might just be FUD, but I'm wondering if we
> should instead be using the SSL_ flavors of the API to reassign the
> certificate chain on the SSL pointer directly, inside the callback,
> instead of trying to set them indirectly via the SSL_CTX_ API.

Maybe, but I would feel better about changing if I could reproduce the
issues (see below).

> Have you seen any weird behavior like this on your end? I'm starting
> to doubt my test setup...

I've not been able to reproduce any behaviour like what you describe.

> On the plus side, I now have a handful of
> debugging patches for a future commitfest.

Do you have them handy for running tests on this version?

--
Daniel Gustafsson

Attachment: v2-0001-Serverside-SNI-support-for-libpq.patch
Description: Binary data
