On Tue, Jul 04, 2023 at 05:15:49PM +0300, Heikki Linnakangas wrote: > I don't see the point of the libpq 'sslalpn' option either. Let's send ALPN > always. > > Admittedly having the options make testing different of combinations of old > and new clients and servers a little easier. But I don't think we should add > options for the sake of backwards compatibility tests.
Hmm. I would actually argue in favor of having these with tests in core to stress the previous SSL hanshake protocol, as not having these parameters would mean that we rely only on major version upgrades in the buildfarm to test the backward-compatible code path, making issues much harder to catch. And we still need to maintain the backward-compatible path for 10 years based on what pg_dump and pg_upgrade need to support. -- Michael
signature.asc
Description: PGP signature
