On Wed, Nov 24, 2021 at 8:46 AM Joshua Brindle <joshua.brin...@crunchydata.com> wrote: > > On Wed, Nov 24, 2021 at 6:59 AM Daniel Gustafsson <dan...@yesql.se> wrote: > > > > > On 23 Nov 2021, at 23:39, Joshua Brindle <joshua.brin...@crunchydata.com> > > > wrote: > > > > > It no longer happens with v49, since it was a null deref of the pr_fd > > > which no longer happens. > > > > > > I'll continue testing now, so far it's looking better. > > > > Great, thanks for confirming. I'm still keen on knowing how you triggered > > the > > segfault so I can ensure there are no further bugs around there. > > > > It happened when I ran psql with hostssl on the server but before I'd > initialized my client certificate store.
I don't know enough about NSS to know if this is problematic or not but if I try verify-full without having the root CA in the certificate store I get: $ /usr/pgsql-15/bin/psql "host=localhost sslmode=verify-full user=postgres" psql: error: SSL error: Issuer certificate is invalid. unable to shut down NSS context: NSS could not shutdown. Objects are still in use.
