| From: | "Alex Hunsaker" <badalex(at)gmail(dot)com> |
|---|---|
| To: | "Magnus Hagander" <magnus(at)hagander(dot)net> |
| Cc: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "PG Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: patch: Client certificate requirements |
| Date: | 2008-11-19 17:10:44 |
| Message-ID: | 34d269d40811190910vacda7d5x2e5fc52d14cbe510@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Nov 17, 2008 at 03:04, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> Alex Hunsaker wrote:
>> On Sat, Nov 15, 2008 at 17:39, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> 2. Root cert file present but we fail to load it: FATAL is probably okay
>>> here, but not with that hint message.
>>
>> Err, I was just trying to be congruent with HEAD. Currently that's
>> the message you get if we could not "read" the root cert. (as a LOG,
>> not FATAL). Should just drop the hint and keep the FATAL for this
>> case?
>
> Yes, I think so.
>
> New version of the patch attached.
Looks good to me.
>> Also we check that the private key is at least 0600, should we be
>> doing the same for the root cert?
>
> No need. The certificate is public information. The first thing we do on
> an SSL connection is to send the thing to the client anyway.
>
> We *could* check that it's not writable by anybody else - but do we
> check that for our datafiles which contain the actual passwords and
> such? If not, that would just be strange to do here, really..
Makes sense.
> //Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ibrar Ahmed | 2008-11-19 17:11:45 | Re: New bug |
| Previous Message | Alex Hunsaker | 2008-11-19 17:02:44 | Re: Client certificate authentication |