| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | David Fetter <david(at)fetter(dot)org>, Cary Huang <cary(dot)huang(at)highgo(dot)ca>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Let people set host(no)ssl settings from initdb |
| Date: | 2020-09-07 02:57:58 |
| Message-ID: | 20200907025758.GG2455@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 02, 2020 at 04:02:21PM +0200, Daniel Gustafsson wrote:
> The CF Patch Tester consider this patch to be malformed and is unable to apply
> and test it. Can you please submit a rebased version?
I have looked at the patch of this thread, and I doubt that it is a
good idea to put more burden into initdb for that. I agree that
being able to reject easily non-SSL connections in pg_hba.conf is a
bit of a hassle now, but putting more logic into initdb does not seem
the right course to me. Perhaps we could consider an idea like
Peter's to have a sslmode=require on the server side and ease the
generation of HBA rules..
The patch has stalled for two months now without a rebase provided, so
I am marking it as returned with feedback.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2020-09-07 03:05:26 | Re: vacuum verbose: show pages marked allvisible/frozen/hintbits |
| Previous Message | Michael Paquier | 2020-09-07 02:51:47 | Re: Remove page-read callback from XLogReaderState. |