Thread: SSL
I'm trying to get the SSL stuff to at least build out of the box. It seems there's a flaw here: even when you only want to build with SSL support "to try later", the postmaster refuses to start unless you set up appropriate certificate and key files. There's no way to disable SSL at run time.

At first I thought the -l option was supposed to do that. But the responsibility of the -l option is to refuse any non-SSL connections. But deciding that should rather be the responsibility of the pg_hba.conf file, as indeed it is, with its hostssl directive. (At least that is my understanding.)

Does anyone have any suggestions how to handle this? This was never an advertised feature so we have a little room to play with, I suppose.

--
Peter Eisentraut
peter_e@gmx.net
http://yi.org/peter-e/
Sernanders väg 10:115
75262 Uppsala
Sweden
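To make the division of responsibility described above concrete, here is an added illustration (not code from the thread or from PostgreSQL itself) of how pg_hba.conf records decide whether a non-SSL connection is accepted: a `hostssl` record only matches SSL connections, so a plaintext client from the same network falls through to later records and is rejected if none matches. It assumes the later "TYPE DATABASE USER ADDRESS METHOD" record layout and a constructed sample file.

```python
import ipaddress

# Constructed pg_hba.conf fragment (assumed modern column layout, not the 2000-era one).
SAMPLE_HBA = """
# TYPE    DATABASE  USER  ADDRESS        METHOD
local     all       all                  trust
hostssl   all       all   10.0.0.0/8     md5
host      all       all   127.0.0.1/32   md5
"""


def parse_hba(text):
    """Parse records into dicts; comments and blank lines are skipped."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        f = line.split()
        if f[0] == "local":
            # Unix-socket records carry no address column.
            rules.append({"type": "local", "db": f[1], "user": f[2],
                          "net": None, "method": f[3]})
        else:
            rules.append({"type": f[0], "db": f[1], "user": f[2],
                          "net": ipaddress.ip_network(f[3]), "method": f[4]})
    return rules


def match_rule(rules, addr, ssl):
    """Return the auth method of the first matching record, or None (connection refused).

    addr is None for a Unix-socket connection; ssl says whether the client
    negotiated SSL. Records are tried in file order, like the real server.
    """
    for r in rules:
        if r["type"] == "local":
            if addr is None:
                return r["method"]
            continue
        if addr is None:
            continue
        # hostssl matches only SSL connections, hostnossl only plaintext ones.
        if r["type"] == "hostssl" and not ssl:
            continue
        if r["type"] == "hostnossl" and ssl:
            continue
        if ipaddress.ip_address(addr) in r["net"]:
            return r["method"]
    return None
```

With the sample file, an SSL client from 10.1.2.3 is authenticated with md5, while a plaintext client from the same address matches nothing and is refused; the per-record `hostssl` type, not a global switch, is what enforces SSL.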
Peter Eisentraut <peter_e@gmx.net> writes:
> Does anyone have any suggestions how to handle this? This was never an
> advertised feature so we have a little room to play with, I suppose.

I think the SSL code is actually broken --- leastwise, the libpq side of it looks mighty bogus to me. It can't possibly work to negotiate the SSL setup before we've done the connect, can it? (I believe whoever added the nonblocking-connect logic to libpq fouled this up.)

I've been griping about that since January but no one's responded, not even to say "yes it's busted" or "it works for me". So the level of interest seems awfully low, and I have no particular interest in fixing it myself.

Bottom line: if you think it needs changing then change it. There sure aren't going to be very many complainers.

regards, tom lane