| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Cc: | Martin Pitt <mpitt(at)debian(dot)org> |
| Subject: | Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt |
| Date: | 2009-04-10 11:56:20 |
| Message-ID: | 200904101456.20975.peter_e@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Friday 10 April 2009 08:39:33 Martin Pitt wrote:
> Tom Lane [2009-04-10 1:15 -0400]:
> > Martin Pitt <mpitt(at)debian(dot)org> writesyuqhom#3:
> > > The test suite detected one regression in libpq, though: Setting
> > > $PGHOST now complains about a missing root.crt, although this is only
> > > relevant on the server side (or did I misunderstood this?)
> >
> > No, that's a progression: the client wants to validate the server's
> > cert, too.
>
> Indeed it is nice to see this feature (great to prevent spoofing), but
> if I don't have a ~/.postgresql/root.crt at all, it shouldn't
> certainly break completely? (which it does now).
I assume the server has the snakeoil certificate installed? In that case, it
is correct that the client refuses to proceed, although the exact manner of
breaking could perhaps be improved.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | toruvinn | 2009-04-10 12:35:59 | Re: Reg: 25P02, current transaction is aborted, commands ignored until end of transaction block |
| Previous Message | Durgabhavani.g | 2009-04-10 09:55:03 | Reg: 25P02, current transaction is aborted, commands ignored until end of transaction block |