Skip to content

Add secure parameter to Connectors to simplify TLS. #122

New issue
New issue
Open
Open
Add secure parameter to Connectors to simplify TLS.#122
Labels
v1.4
@jwp

Description

@jwp
jwp
opened on Feb 5, 2023
Contributor

With the deprecation of ssl.wrap_socket, carrying TLS arguments makes little sense and is inappropriately limiting.

Provide an alternative to the ssl* parameters (excluding sslmode) with a single secure parameter. Where secure will provide the entire functionality required by python.socket.SocketFactory.secure. Users will pass the wrap_socket method of the SSLContext they (already) configured as the secure keyword.

Possible separate patch: make this usable with postgresql.open indicators, by adding a security dictionary to postgresql.sys where applications may configure the set of secure functions used. postgresql.open("pq://user@host/database?[security]=tls-context-name")?

Activity

jwp
added
v1.4
on Feb 5, 2023
jwp
mentioned this on Feb 5, 2023
jwp

jwp commented on Feb 10, 2023

@jwp
jwp
on Feb 10, 2023
ContributorAuthor

Allow postgresql.open to select the security context using the host and port as the key in the sys.security dictionary?

jwp
mentioned this on Feb 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    v1.4

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @jwp

        Issue actions
          Add `secure` parameter to Connectors to simplify TLS. · Issue #122 · python-postgres/fe