On 26/06/2018 11:49, Daniel Gustafsson wrote:
>> Extracted from the GnuTLS thread/patch, here is a patch to add a
>> server-side read-only parameter ssl_library, which currently reports
>> either 'OpenSSL' or an empty string, depending on what SSL library was
>> built with. This is analogous to th
On 6/26/18 17:48, Tom Lane wrote:
> (1) I'm not really clear why we need this. GUC variables aren't free.
>
> (2) Are there security issues with exposing this info to everybody?
This functionality was requested in the threads about GnuTLS and other
SSL implementations so that users/admins can de
Peter Eisentraut writes:
> Extracted from the GnuTLS thread/patch, here is a patch to add a
> server-side read-only parameter ssl_library, which currently reports
> either 'OpenSSL' or an empty string, depending on what SSL library was
> built with. This is analogous to the libpq function call
>
> On 26 Jun 2018, at 11:06, Peter Eisentraut
> wrote:
>
> Extracted from the GnuTLS thread/patch, here is a patch to add a
> server-side read-only parameter ssl_library, which currently reports
> either 'OpenSSL' or an empty string, depending on what SSL library was
> built with. This is analog
art;
+
+# Run this before we lock down access below.
+my $result = $node->safe_psql('postgres', "SHOW ssl_library");
+is($result, 'OpenSSL', 'ssl_library parameter');
+
configure_test_server_for_ssl($node, $SERVERHOSTADDR, 'trust');
note "testing password-protected keys";
--
2.18.0
