| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Dan Kaminsky <dan(at)doxpara(dot)com>, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #4340: SECURITY: Is SSL Doing Anything? |
| Date: | 2008-08-18 23:36:43 |
| Message-ID: | 8268.1219102603@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
>> Tom Lane wrote:
>>> Er, we don't *have* a verify_peer callback.
>>
>> Uh, the user reported running Postgres 7.3 and we have improved SSL
>> quite a bit since then so perhaps an upgrade and reading the current
>> docs would help the user.
> The code is identical in HEAD, according to a quick read I did last
> week.
Actually, I had missed that the OP was looking at 7.3 rather than 8.3.
There was a "verify_peer()" in 7.3 but it was #ifdef'd out. The
question remains whether there's a reason to have it. It would be good
if the discussion were based on a non-obsolete PG version ...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gregory Stark | 2008-08-19 09:34:46 | Re: BUG #4340: SECURITY: Is SSL Doing Anything? |
| Previous Message | Dan Boeriu | 2008-08-18 22:48:21 | BUG #4363: ts_query bug |