> On 3 Mar 2021, at 15:14, Peter Eisentraut <peter.eisentr...@enterprisedb.com> > wrote: > > On 03.03.21 11:31, Daniel Gustafsson wrote: >>> On 26 Feb 2021, at 20:34, Daniel Gustafsson <dan...@yesql.se> wrote: >>> Attached is a v2 which retains the sslcompression parameter for backwards >>> compatibility. >> And now a v3 which fixes an oversight in postgres_fdw as well as adds an SSL >> TAP test to cover deprecated parameters. > > Per your other thread, you should also remove the environment variable.
Fixed. > In postgres_fdw, I think commenting it out is not the right change. The > other commented out values are still valid settings but are omitted from the > test for other reasons. It's not entirely all clear, but we don't have to > keep obsolete stuff in there forever. Ah, I didn't get that distinction but that makes sense. Fixed. The attached version takes a step further and removes sslcompression from pg_conn and just eats the value as there is no use in setting a dummy alue. It also removes compression from PgBackendSSLStatus and be_tls_get_compression as raised by Michael downthread. I opted for keeping the column in pg_stat_ssl with a note in the documentation that it will be removed, for the same backwards compatibility reason of eating the connection param without acting on it. This might be overthinking it however. -- Daniel Gustafsson https://vmware.com/
v4-0001-Disallow-SSL-compression.patch
Description: Binary data
