Home > mailing lists

PQConnectdb SSL (sslmode): Is this a bug - Mailing list pgsql-general

From	vishal saberwal
Subject	PQConnectdb SSL (sslmode): Is this a bug
Date	August 26, 2005 17:24:58
Msg-id	3e74dc2505082610233671fedf@mail.gmail.com Whole thread Raw
Responses	Re: PQConnectdb SSL (sslmode): Is this a bug (Michael Fuhr <mike@fuhr.org>)
List	pgsql-general

Tree view

hi,
I am not sure if this is a bug.

My PG_HBA.CONF
----------------------------
local all all trust
host all all 127.0.0.1 255.255.255.255 trust
host all all 192.168.0.0/16 trust
hostssl dbm all 192.168.200.201 255.255.255.255 md5

CODE
---------------------------
PGConn* connection=PQconnectdb("hostaddr=192.168.200.10 dbname=dbm
user=postgres sslmode=prefer");
if (PQstatus(connection)==CONNECTION_OK)
return 0;
else
{
fprintf(stderr. "connection failure: %s",PQerrorMessage(connection));
return -1;
}
--------------
OUTPUT:
connection failure: SSL error: sslv3 alert handshake failure

-----------

Now when I change the above function to one with sslmode=allow, the
connection is established and query runs.

I do have (ssl=true) in postgresql.conf and have tested the
certificates and they are working right. I also restart the postmaster
after every change in postgresql.conf and pg_hba.conf.

I would prefer the connections are SSL and hence would like to use the
default "prefer" sslmode.

vish

pgsql-general by date:

From: "Joshua D. Drake"
Date: 26 August 2005, 17:14:18
Subject: Re: Serials jumping

From: Chris Travers
Date: 26 August 2005, 17:26:54
Subject: Re: Postgresql replication

PQConnectdb SSL (sslmode): Is this a bug - Mailing list pgsql-general

Previous

Next