From: | David Fetter <david(at)fetter(dot)org> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Daniel Gustafsson <daniel(at)yesql(dot)se>, Cary Huang <cary(dot)huang(at)highgo(dot)ca>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Let people set host(no)ssl settings from initdb |
Date: | 2020-12-30 19:29:11 |
Message-ID: | 20201230192911.GM13234@fetter.org |
Lists: | pgsql-hackers |
On Wed, Dec 30, 2020 at 08:24:06PM +0100, David Fetter wrote:
> On Mon, Sep 07, 2020 at 11:57:58AM +0900, Michael Paquier wrote:
> > On Thu, Jul 02, 2020 at 04:02:21PM +0200, Daniel Gustafsson wrote:
> > > The CF Patch Tester considers this patch to be malformed and is unable to apply
> > > and test it. Can you please submit a rebased version?
> >
> > I have looked at the patch of this thread, and I doubt that it is a
> > good idea to put more burden into initdb for that. I agree that
> > being able to reject easily non-SSL connections in pg_hba.conf is a
> > bit of a hassle now, but putting more logic into initdb does not seem
> > the right course to me. Perhaps we could consider an idea like
> > Peter's to have a sslmode=require on the server side and ease the
> > generation of HBA rules..
> >
> > The patch has stalled for two months now without a rebase provided, so
> > I am marking it as returned with feedback.
>
> Please find attached the rebased patch.
>
> Peter's suggestion seems a little more subtle to me than requiring TLS
> on the server side in that what people generally want to do is
> disallow clear text connections entirely. In those scenarios, people
> would also want to set (and be able to change at runtime) some kind of
> cryptographic policy, as SSH and TLS do. While I see this as a worthy
> goal, it's a much bigger lift than an optional argument or two to
> initdb, and requires a lot more discussion than it's had to date.

*sigh*

This time with patch actually attached.

Best,
David.
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
Attachment | Content-Type | Size |
---|---|---|
v5-0001-Enable-setting-pg_hba.conf-permissions-from-initd.patch | text/x-diff | 17.3 KB |