| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | patch: Client certificate requirements |
| Date: | 2008-10-23 15:21:39 |
| Message-ID: | 49009683.6020208@hagander.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
This patch adds a configuration option to pg_hba.conf for "clientcert".
This makes it possible to have different client certificate requirements
on different connections. It also makes sure that if you specify that
you want client cert verification and the root store isn't there, we
give an error instead of silently allowing the user in (like we do now).
This still does not implement actual client certificate validation -
that's for a later step. It just cleans up the handling we have now.
//Magnus
| Attachment | Content-Type | Size |
|---|---|---|
| client_cert_conf.patch | text/x-diff | 6.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Koichi Suzuki | 2008-10-23 15:24:32 | Re: Making pg_standby compression-friendly |
| Previous Message | Zdenek Kotala | 2008-10-23 15:17:00 | Re: Any reason to have heap_(de)formtuple? |