| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Alex Hunsaker <badalex(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Abhijit Menon-Sen <ams(at)oryx(dot)com>, pgsql(at)mohawksoft(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SSL configure patch: review |
| Date: | 2008-11-21 14:13:14 |
| Message-ID: | 20081121141314.GB5210@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander escribió:
> Alex Hunsaker wrote:
> > On Fri, Aug 1, 2008 at 13:31, Alvaro Herrera <alvherre(at)commandprompt(dot)com> wrote:
> >> Something that's bothering me is that PGSSLKEY is inconsistent with the
> >> sslkey conninfo parameter. PGSSLKEY specifies an engine (basically a
> >> driver for specialized hardware AFAICT) from which the key is to be
> >> loaded, but sslkey is a simple filename. This means that there's no way
> >> to load a key from hardware if you want to specify it per connection.
> >> Not that I have any such hardware, but it looks bogus.
I think the above consideration needs some discussion too. Committing
it as-is doesn't seem OK because you can't change it later -- it's
user-visible.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2008-11-21 14:17:36 | Re: SSL configure patch: review |
| Previous Message | Magnus Hagander | 2008-11-21 13:36:07 | Re: Autoconf, libpq and replacement function |