public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jonathan Gonzalez V. <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Zsolt Parragi <[email protected]>
Cc: Daniel Gustafsson <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Subject: Re: Make PGOAUTHCAFILE in libpq-oauth work out of debug mode
Date: Thu, 19 Feb 2026 15:18:34 +0100
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+kNGJXy3YqPDoceb1doNfA-S6fmdKv-AH3j0PPUicyUQQ@mail.gmail.com>
References: <[email protected]>
<[email protected]>
<CAOYmi+=fbZNJSkHVci=GpR8XPYObK=H+2ERRha0LDTS+ifsWnw@mail.gmail.com>
<CAN4CZFPhm2NCRWzZpX=kRLqyxu4Ps-d0xE5W75a-iDoKrLbXBw@mail.gmail.com>
<CAOYmi+=HcXJub1rDsQ7vpKMHuBB6NTA2Z5T=zAkaFdRThf+9zg@mail.gmail.com>
<[email protected]>
<CAOYmi+mMx1DnNpKG8RdknH0-GuPR9jv+G9r2iFND=Yve7DOF6g@mail.gmail.com>
<[email protected]>
<CAOYmi+nQawWHzC4mRhJnzZzzqjnUDg-yxN3f3ZqPX=+jpKU+zg@mail.gmail.com>
<[email protected]>
<CAOYmi+mTHahYXqBZH-bE1Z3Yc5SJ0gTHsM69LSVna2h7ftgVzQ@mail.gmail.com>
<[email protected]>
<CAOYmi+kNGJXy3YqPDoceb1doNfA-S6fmdKv-AH3j0PPUicyUQQ@mail.gmail.com>
Hi!
> > +#define conn_oauth_ca_file(CONN) (CONN->oauth_ca_file)
>
> Arrrghh I hadn't even considered that this thread would conflict with
> the changes over at [1]. Well, the silver lining is that I already
> know I have to get most of that work in; this just serializes things.
Well, it will definitely conflict but I can rebase the work on that
patch, not an issue, since now I understand what you mean it's even
more fun! What do you think? I can do some testing and review on those
patches too while working on a rebase, so I think it's a win-win
> > I want to add some test for this option that I think it could be
> > really
> > useful, what do you think?
>
> Definitely. I could see either upgrading the oauth_validator test
> suite to use HTTPS throughout, and then setting the new envvar
> globally, or just adding a single test that switches it on (but I'm
> not sure that's actually less work, since you have to teach
> oauth_server.py to speak HTTPS either way).
Ok, so probably a new patch to teach oauth_server.py to speak HTTPS
could be good? Since it requires to create certificates and lot of
testing work a different patch could be better right? just to add HTTPS
support.
Thank you!
--
Jonathan Gonzalez V. <[email protected]>
EnterpriseDB
Attachments:
[application/pgp-signature] signature.asc (833B, 2-signature.asc)
download
view thread (15+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: Make PGOAUTHCAFILE in libpq-oauth work out of debug mode
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox