Re: controlling the location of server-side SSL files - Mailing list pgsql-hackers

From Tom Lane
Subject Re: controlling the location of server-side SSL files
Date
Msg-id 5162.1330543230@sss.pgh.pa.us
Whole thread Raw
In response to Re: controlling the location of server-side SSL files  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: controlling the location of server-side SSL files  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-hackers
Peter Eisentraut <peter_e@gmx.net> writes:
> On ons, 2012-02-08 at 09:16 +0100, Magnus Hagander wrote:
>> Yes, ignoring a missing file in a security context is definitely not good.
>> It should throw an error.
>> 
>> We have a few bad defaults from the old days around SSL for this, but if it
>> requires breaking backwards compatibility to get it right, I think we
>> should still do it. 

> Btw., should we also consider making similar changes on the libpq side?

I think that breaking compatibility of libpq's behavior is a whole lot
harder sell than changing things in a way that only affects what people
have to put into postgresql.conf.  We've always treated the latter as
something that can change across major versions.

In particular, I observe that we get pushback anytime we break something
in a way that makes SSL config files be required on the client side;
see bug #6302 for most recent example.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Alvaro Herrera
Date:
Subject: Re: 16-bit page checksums for 9.2
Next
From: Peter Eisentraut
Date:
Subject: Re: controlling the location of server-side SSL files