From: | "Alex Hunsaker" <badalex(at)gmail(dot)com> |
---|---|
To: | "Andrew Chernow" <ac(at)esilo(dot)com> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, "Magnus Hagander" <magnus(at)hagander(dot)net> |
Subject: | Re: new libpq SSL connection option |
Date: | 2008-12-05 21:32:57 |
Message-ID: | 34d269d40812051332v2588698fv3fa3e8924365fdf4@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Fri, Dec 5, 2008 at 14:22, Andrew Chernow <ac(at)esilo(dot)com> wrote:
> Alex Hunsaker wrote:
>>
>> On Fri, Dec 5, 2008 at 13:58, Andrew Chernow <ac(at)esilo(dot)com> wrote:
>>>
>>> Who anyone be opposed to "ssldir = path" as a connection option?
>>> Currently,
>>> there is no way to change the homedir method ~/.postgresql ... or am I
>>> missing something? I am willing to supply a patch.
>>
>> You mean something like the
>>
>> http://archives.postgresql.org/message-id/34d269d40811202107q489e2be0h771762398dd9fcdb@mail.gmail.com.
>>
>> ?
>>
>
> yes, excately like that; apparently missed it. What is the status of that
> patch? I see it was left in pending review .. is the fest is over?
I think all that is left is changing PGROOTCERT to PGSSLROOTCERT,
agreeing to IFDEF the params out or not oh
and this little bit:
> Magnus Hagander escribió:
> > On Fri, Aug 1, 2008 at 13:31, Alvaro Herrera <alvherre(at)commandprompt(dot)com> wrote:
> >> Something that's bothering me is that PGSSLKEY is inconsistent with the
> >> sslkey conninfo parameter. PGSSLKEY specifies an engine (basically a
> >> driver for specialized hardware AFAICT) from which the key is to be
> >> loaded, but sslkey is a simple filename. This means that there's no way
> >> to load a key from hardware if you want to specify it per connection.
> >> Not that I have any such hardware, but it looks bogus.
>I think the above consideration needs some discussion too. Committing
>it as-is doesn't seem OK because you can't change it later -- it's
>user-visible.
From | Date | Subject | |
---|---|---|---|
Next Message | David Rowley | 2008-12-05 21:44:44 | Re: Windowing Function Patch Review -> Standard Conformance |
Previous Message | Andrew Chernow | 2008-12-05 21:22:42 | Re: new libpq SSL connection option |