| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Nigel J(dot) Andrews" <nandrews(at)investsystems(dot)co(dot)uk> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Jon Jenson <jon(at)endpoint(dot)com> |
| Subject: | Re: host and hostssl equivalence in pg_hba.conf |
| Date: | 2003-06-10 14:11:00 |
| Message-ID: | 2451.1055254260@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
"Nigel J. Andrews" <nandrews(at)investsystems(dot)co(dot)uk> writes:
> On Tue, 10 Jun 2003, Tom Lane wrote:
>> If your real gripe is that libpq insists on trying SSL connections
>> first, the server is the wrong end to be patching that problem at.
>> There should be a way to control libpq's allow_ssl_try state variable
>> from the outside.
> A quick read makes me think that's what Jon's post is on about.
Right. I had forgotten that thread, but indeed we had agreed to a
definition that would allow flexible control of libpq's SSL behavior.
Looks like no one got round to actually implementing what was hammered
out though.
Note: if you want to take a swipe at implementing that proposal, please
be sure to start from CVS tip. I mangled all that code just a couple
days ago to allow both old and new protocols to be supported ... so any
patch based on 7.3 is not going to apply ...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jonathan Bartlett | 2003-06-10 14:23:25 | Re: Optimizer failure on integer column? |
| Previous Message | Nigel J. Andrews | 2003-06-10 13:57:06 | Re: host and hostssl equivalence in pg_hba.conf |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | scott.marlowe | 2003-06-10 14:15:06 | Re: security flaw |
| Previous Message | Nigel J. Andrews | 2003-06-10 13:57:06 | Re: host and hostssl equivalence in pg_hba.conf |