]> git.ipfire.org Git - thirdparty/postgresql.git/commitdiff
projects / thirdparty / postgresql.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ebae54)
doc: Use groups instead of curves in TLS documentation
authorDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 5 Jun 2026 20:16:42 +0000 (22:16 +0200)
committerDaniel Gustafsson <dgustafsson@postgresql.org>
Fri, 5 Jun 2026 20:16:42 +0000 (22:16 +0200)
With TLS 1.3 the concept of curves was renamed to groups.  Update
our wording to use groups instead of curves to make it clear what
the underlying GUC can support.

This was extracted from a slightly larger patch which also renamed
variables to match the new terminology.  Given that we are in beta
this portion was however left as a future excercise.

Author: Evan Si <evsi@amazon.com>
Reviewed-by: Ewan Young <kdbase.hack@gmail.com>
Discussion: https://postgr.es/m/23C40DD6-1C47-46FC-A746-8A1D8530AD3E@amazon.com
Backpatch-through: 18

doc/src/sgml/config.sgml patch | blob | blame | history

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index 9275cfa1b10c65e46ef54a16304fb2a99fd0e28c..fa566c9e5535a11bb5c848c96fdcbb0ca83ebe7f 100644 (file)
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1573,11 +1573,11 @@ include_dir 'conf.d'
       </term>
       <listitem>
        <para>
-        Specifies the name of the curve to use in <acronym>ECDH</acronym> key
-        exchange.  It needs to be supported by all clients that connect.
-        Multiple curves can be specified by using a colon-separated list.
-        It does not need to be the same curve used by the server's Elliptic
-        Curve key.  This parameter can only be set in the
+        Specifies the named group to use for <acronym>TLS</acronym> key
+        exchange.  It needs to be supported by all clients that
+        connect.  Multiple groups can be specified by using a colon-separated
+        list.  It does not need to match the key type used by the server
+        certificate.  This parameter can only be set in the
         <filename>postgresql.conf</filename> file or on the server command line.
         The default is <literal>X25519:prime256v1</literal>.
        </para>
@@ -1592,7 +1592,7 @@ include_dir 'conf.d'
        </note>
 
        <para>
-        <productname>OpenSSL</productname> names for the most common curves
+        <productname>OpenSSL</productname> names for the most common groups
         are:
         <literal>prime256v1</literal> (NIST P-256),
         <literal>secp384r1</literal> (NIST P-384),
Mirror of https://git.postgresql.org/git/postgresql.git