Home > mailing lists

Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS - Mailing list pgsql-hackers

From	Magnus Hagander
Subject	Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS
Date	May 5, 2008 11:51:27
Msg-id	20080505135125.5afaafb2@mha-laptop.hagander.net Whole thread Raw
In response to	Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Tom Lane wrote:
> I think a better idea is to embed the flag in the pg_hba.conf entry
> itself.  Perhaps something like "ldapso:" instead of "ldaps:" to
> indicate "old" secure ldap protocol, or include another parameter
> in the URL body.

FWIW, I'm working on a proposal to change how pg_hba.conf deals with
the parameter field to make it easier to do things like this, by
using a name/value pair setup instead. The LDAP url is one reason -
it's hacky enough already *before* we add this kind of option to it...

//Magnus

pgsql-hackers by date:

From: Andreas Pflug
Date: 05 May 2008, 11:46:10
Subject: Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS

From: Darren Reed
Date: 05 May 2008, 12:01:48
Subject: Re: Protection from SQL injection

Re: Proposed Patch - LDAPS support for servers on port 636 w/o TLS - Mailing list pgsql-hackers

Previous

Next