From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Gustavsson Mikael <mikael(dot)gustavsson(at)smhi(dot)se>, Magnus Hagander <magnus(at)hagander(dot)net>, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>, Svensson Peter <peter(dot)svensson(at)smhi(dot)se> |
Subject: | Re: Problem with ssl and psql in Postgresql 13 |
Date: | 2020-12-30 16:41:14 |
Message-ID: | 2344142.1609346474@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
>> I think we'd be best off to always override KRB5_KTNAME if we have a
>> nonempty krb_server_keyfile setting, so the attached proposed patch
>> makes both functions do it the same way. (I did not make an effort
>> to remove the dependency on setenv, given the nearby thread to
>> standardize on that.)
> +1.
Done, thanks for looking at the patch.
>> I'm not sure whether there's any documentation change that needs to
>> be made. The docs don't suggest that you're allowed to set
>> krb_server_keyfile to an empty string in the first place, so maybe
>> we needn't explain what happens if you do.
> Perhaps saying something about 'system default' or 'taken from the
> environment' might make sense.
I went with "If this parameter is set to an empty string, it is ignored
and a system-dependent default is used." I don't think we need to go
into more detail than that, since as you say it's unlikely to be a
useful case.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2020-12-30 16:50:27 | Re: Getting "could not read block" error when creating an index on a function. |
Previous Message | Demitri Muna | 2020-12-30 16:16:17 | Getting "could not read block" error when creating an index on a function. |