On Fri, Apr 6, 2012 at 02:05, Tom Lane t...@sss.pgh.pa.us wrote:
Magnus Hagander mag...@hagander.net writes:
If anything, we should be changing it to TLSv1 in both client and
server, since every client out there now should be using that anyway,
given that the client has been specifying it for
Magnus Hagander mag...@hagander.net writes:
True. I guess I was just assuming that JDBC (and npgsql i think?) were
using TLS - I would assume that to be the default in both Java and
.NET. We'd have to check that before making a change of course - and
I'm not convinced we need to make the
On Fri, Apr 6, 2012 at 18:43, Tom Lane t...@sss.pgh.pa.us wrote:
Magnus Hagander mag...@hagander.net writes:
True. I guess I was just assuming that JDBC (and npgsql i think?) were
using TLS - I would assume that to be the default in both Java and
.NET. We'd have to check that before making a
Those code fragment judges the return value from
SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not retry
when SSL_ERROR_WANT_READ. It seems they are not consistent. Comments?
There's no particular reason
On Thu, Apr 5, 2012 at 08:00, Tatsuo Ishii is...@postgresql.org wrote:
Those code fragment judges the return value from
SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not retry
when SSL_ERROR_WANT_READ. It
Magnus Hagander mag...@hagander.net writes:
If anything, we should be changing it to TLSv1 in both client and
server, since every client out there now should be using that anyway,
given that the client has been specifying it for a long time.
Huh? libpq isn't every client.
Tatsuo Ishii is...@postgresql.org writes:
Those code fragment judges the return value from
SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not retry
when SSL_ERROR_WANT_READ. It seems they are not consistent.
On Wed, Apr 4, 2012 at 17:57, Tom Lane t...@sss.pgh.pa.us wrote:
Tatsuo Ishii is...@postgresql.org writes:
Those code fragment judges the return value from
SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not
Magnus Hagander mag...@hagander.net writes:
On Wed, Apr 4, 2012 at 17:57, Tom Lane t...@sss.pgh.pa.us wrote:
I rather wonder whether the #ifdef WIN32 bit in the backend isn't dead
code though. If the port isn't in nonblock mode, we shouldn't really
get here at all, should we?
Not in a