Re: Unfriendly handling of pg_hba SSL options with SSL off

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Unfriendly handling of pg_hba SSL options with SSL off
Date: 2011-04-25 19:26:35
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> On mn, 2011-04-25 at 14:18 -0400, Tom Lane wrote:
>> In the particular case at hand, if someone is trying to use the same
>> hostssl-containing pg_hba.conf across multiple systems, is it not
>> reasonable to suppose that he should have SSL turned on in
>> postgresql.conf on all those systems? If he doesn't, it's far more
>> likely to be a configuration mistake that he'd appreciate being pointed
>> out to him, instead of having to reverse-engineer why some of the
>> systems aren't working like others.

> I think, people use and configure PostgreSQL in all kinds of ways, so we
> shouldn't assume what they might be thinking. Especially if an
> artificial boundary has the single purpose of being "helpful".

Well, it's not just to be "helpful", it's to close off code paths that
are never going to be sufficiently well-tested to not have bizarre
failure modes. That helps both developers (who don't have to worry
about testing/fixing such code paths) and users (who won't have to deal
with the bizarre failure modes).

But in any case, I think that the presence of a hostssl line in
pg_hba.conf is pretty strong evidence that the admin intends to use SSL,
so we should tell him about it if he's forgotten the other piece of
setup he needs.

> If people want their configuration checked for "sanity" (by someone's
> definition), there might be logging or debugging options in order for
> that.

If anyone else agrees with your viewpoint, maybe we could compromise on
emitting a LOG message indicating that the hostssl line will be ignored
due to SSL being turned off. But I think your approach penalizes people
who make simple mistakes in order to lend marginal support to an
entirely-hypothetical advanced use case.

regards, tom lane

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2011-04-25 19:30:29 Re: branching for 9.2devel
Previous Message Peter Eisentraut 2011-04-25 19:07:14 Re: "stored procedures" - use cases?