projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4fd02bf) | patch
Add X25519 to the default set of curves
authorDaniel Gustafsson <dgustafsson@postgresql.org>
Tue, 18 Mar 2025 14:26:27 +0000 (15:26 +0100)
committerDaniel Gustafsson <dgustafsson@postgresql.org>
Tue, 18 Mar 2025 14:26:27 +0000 (15:26 +0100)
commitdaa02c6bd9262adeb44f4a9ed9d94fa6259afd94
tree8ea66172e793587a84eb8619fd2ad82595daddc8tree
parent4fd02bf7cf94c3b6807dcf0b13e076de94f1e4ffcommit | diff
Add X25519 to the default set of curves

Since many clients default to the X25519 curve in the TLS handshake,
the fact that the server by defualt doesn't support it cause an extra
roundtrip for each TLS connection.  By adding multiple curves, which
is supported since 3d1ef3a15c3eb68da, we can reduce the risk of extra
roundtrips.

Author: Daniel Gustafsson <daniel@yesql.se>
Co-authored-by: Jacob Champion <jacob.champion@enterprisedb.com>
Reported-by: Andres Freund <andres@anarazel.de>
Reviewed-by: Jacob Champion <jacob.champion@enterprisedb.com>
Discussion: https://postgr.es/m/20240616234612.6cslu7nqexquvwj7@awork3.anarazel.de
doc/src/sgml/config.sgml diff | blob | blame | history
src/backend/utils/misc/guc_tables.c diff | blob | blame | history
src/backend/utils/misc/postgresql.conf.sample diff | blob | blame | history
src/test/ssl/t/SSL/Server.pm diff | blob | blame | history
This is the main PostgreSQL git repository.