Skip site navigation (1) Skip section navigation (2)

Re: BUG #5008: Server Startup Problem - When server is configured for SSL

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Jalaj Negi <jalajsinghnegi(at)gmail(dot)com>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #5008: Server Startup Problem - When server is configured for SSL
Date: 2009-08-26 20:25:49
Message-ID: 9837222c0908261325n27de9aa2w38f3b49774c604db@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-bugs
On Wed, Aug 26, 2009 at 15:57, Tom Lane<tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>> But that will still fail if the user has set it up to require a client
>> certificate.
>
> But not till it gets to the pg_hba checks.  We might need to have some

How would that be different from what we have now? sslmode=prefer will
still allow both ssl and non-ssl connection. It won't kick you out
until you reach the hba processing, will it?

> variant on PQrequiresPassword to detect that failure type, but we'll
> already know what we need to.
>
> This still points up the value of adding an actual "ping" interface to
> the protocol, though.

Agreed.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

In response to

Responses

pgsql-bugs by date

Next:From: Pavel StehuleDate: 2009-08-26 20:37:38
Subject: Re: Password
Previous:From: Anze CevkaDate: 2009-08-26 20:25:25
Subject: Password

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group