Skip site navigation (1) Skip section navigation (2)

Re: controlling the location of server-side SSL files

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: controlling the location of server-side SSL files
Date: 2012-02-07 11:34:38
Message-ID: 1328614478.24489.7.camel@vanquo.pezone.net (view raw or flat)
Thread:
Lists: pgsql-hackers
On tis, 2012-01-24 at 22:05 +0200, Peter Eisentraut wrote:
> > > One thing that is perhaps worth thinking about:  Currently, we just
> > > ignore missing root.crt and root.crl files.  With this patch, we still
> > > do this, even if the user has given a specific nondefault location.
> > > That seems a bit odd, but I can't think of a simple way to do it better.
> > 
> > There's a review in the CF app for this finding only minor issues, so
> > I'm marking this patch therein as "Ready for Committer".
> 
> OK, no one had any concerns about the missing file behavior I
> described above?  If not, then I'll commit it soon.

I'm still worried about this.  If we ignore a missing root.crt, then the
effect is that authentication and certificate verification might fail,
which would be annoying, but you'd notice it soon enough.  But if we
ignore a missing root.crl, we are creating a security hole.

My best idea at the moment is that we should set these parameters to
empty by default, and make users point them to existing files if they
want to use that functionality.  Comments?


In response to

Responses

pgsql-hackers by date

Next:From: Kevin GrittnerDate: 2012-02-07 12:10:31
Subject: Re: patch for implementing SPI_gettypemod()
Previous:From: Fujii MasaoDate: 2012-02-07 11:30:56
Subject: pg_basebackup -x stream from the standby gets stuck

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group