Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Re: SSL over Unix-domain sockets
Peter Eisentraut wrote: > Am Freitag, 4. Januar 2008 schrieb Bruce Momjian: > > Peter Eisentraut wrote: > > > Using the attached patch, SSL will act over Unix-domain sockets. AFAICT, > > > this just works. I didn't find a way to sniff a Unix-domain socket, > > > however. > > > > > > How should we proceed with this? > > > > I am confused by the shortness of this patch. Right now pg_hba.conf > > has: > > > > # host DATABASE USER CIDR-ADDRESS METHOD [OPTION] > > # hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION] > > # hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION] > > > > These are all for TCP connections. How do we handle 'local' SSL > > connection specification? Do we want to provide similar functionality > > for local connections? > > Yes, we might want to add that as well. That and some documentation updates > would probably cover everything. OK. Right now the documentation about spoofing says to use directory permissions for the socket, and that works. I am thinking this is something for 8.4. -- Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us EnterpriseDB http://postgres.enterprisedb.com + If your life is a hard drive, Christ can be your backup. +
In response to
- Re: SSL over Unix-domain sockets at 2008-01-04 17:35:02 from Peter Eisentraut
Responses
- Re: SSL over Unix-domain sockets at 2008-01-04 17:47:15 from Magnus Hagander
pgsql-hackers by date
Next: From: Magnus Hagander Date: 2008-01-04 17:47:15 Subject: Re: SSL over Unix-domain sockets Previous: From: Peter Eisentraut Date: 2008-01-04 17:35:02 Subject: Re: SSL over Unix-domain sockets
pgsql-patches by date
Next: From: Magnus Hagander Date: 2008-01-04 17:47:15 Subject: Re: SSL over Unix-domain sockets Previous: From: Peter Eisentraut Date: 2008-01-04 17:35:02 Subject: Re: SSL over Unix-domain sockets