| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Raimon Fernandez <coder(at)montx(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Where I can find "SSL specification"? |
| Date: | 2009-11-05 08:08:45 |
| Message-ID: | 20091105080844.GA11302@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Nov 05, 2009 at 08:48:47AM +0100, Raimon Fernandez wrote:
> Where can I find the steps to start an SSL connection with PostgreSQL ?
>
> The config files, certificates, etc. etc. must follow the same rules for
> the libpq specification ?
You follow the conventions of whatever SSL library you use.
>> heck, you have to be a glutton to want to use libssl from openssl...
>> there's something like 158 APIs and very little documentation on how
>> to properly use them
>
> Doy you mean there's no 'easy' way to start-up an SSL connection from a
> TCP/IP socket to postgresql ????
Sure, open up the documentation for the SSL library you want to use and
find the function that lets you pass a open file descriptior. This
function will handle the SSL startup for you and give you a handle for
further communication.
Personally I find the GnuTLS API to be much saner than openssl, in
which case you just do:
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) FileDescriptor);
/* Perform the TLS handshake
*/
ret = gnutls_handshake (session);
See this example:
Hope this helps,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> Please line up in a tree and maintain the heap invariant while
> boarding. Thank you for flying nlogn airlines.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John R Pierce | 2009-11-05 08:15:25 | Re: Where I can find "SSL specification"? |
| Previous Message | Raimon Fernandez | 2009-11-05 07:48:47 | Re: Where I can find "SSL specification"? |