Magnus Hagander <magnus@hagander.net> writes:
> On Wed, Jul 14, 2010 at 00:09, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> "Christopher Head" <chris2k01@hotmail.com> writes:
>>> ... Unfortunately, as per line 536 of the file
>>> fe-secure.c in the PostgreSQL sources, if hostaddr is specified, SSL full
>>> verification just plain fails without trying at all. I suspect this line
>>> should be "if (!conn->pghost)" instead of "if (conn->pghostaddr)".
>>
>> That's really a definitional change, but it seems like a reasonable one
>> to me. Magnus, what do you think?
> Yeah, I think it is, but I haven't had the time to look into the code
> yet to see if I agree with the fix as well. Hope to get there soon.
The test actually needs to check for pghost being nonempty, I think,
but otherwise it seems straightforward. Will apply.
regards, tom lane
