Re: SSL configure patch: review - Mailing list pgsql-hackers

From Alvaro Herrera
Subject Re: SSL configure patch: review
Date
Msg-id 20080801203157.GL4321@alvh.no-ip.org
Whole thread Raw
In response to Re: SSL configure patch: review  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: SSL configure patch: review
List pgsql-hackers
Tom Lane wrote:
> BTW, doesn't this patch leak memory at freePGconn() time?

Doh -- right, fixed.

> I also think that more of it should be inside #ifdef USE_SSL --- ie,
> the options should be treated like requiressl not sslmode, and not
> exist in a non-SSL build.

I wondered about that too, and couldn't make up my mind about it.
This patch does things that way.

Something that's bothering me is that PGSSLKEY is inconsistent with the
sslkey conninfo parameter.  PGSSLKEY specifies an engine (basically a
driver for specialized hardware AFAICT) from which the key is to be
loaded, but sslkey is a simple filename.  This means that there's no way
to load a key from hardware if you want to specify it per connection.
Not that I have any such hardware, but it looks bogus.

Obviously one still wants to be able to specify a different file name
from the default; I tried to see if there's any way to load an engine
that would load the key from a file, but could not extract any sense
from the man page:
http://www.openssl.org/docs/crypto/engine.html

Maybe this means that we should provide separate parameters, say
"sslkey" and "sslkeyfile", and a new env var PGSSLKEYFILE.

Thoughts?  Am I overengineering this stuff?

--
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

Attachment

pgsql-hackers by date:

Previous
From: Alvaro Herrera
Date:
Subject: Re: Review: DTrace probes (merged version) ver_03
Next
From: Robert Lor
Date:
Subject: Re: Review: DTrace probes (merged version) ver_03