Hello. At Tue, 1 Sep 2020 11:47:34 -0400, Bruce Momjian <br...@momjian.us> wrote in > On Tue, Sep 1, 2020 at 01:59:25PM +0900, Kyotaro Horiguchi wrote: > > At Mon, 31 Aug 2020 11:34:29 -0400, Bruce Momjian <br...@momjian.us> wrote > > in > > > On Mon, Aug 31, 2020 at 05:56:58PM +0900, Kyotaro Horiguchi wrote: > > > > Ok, this is that. If we spcify clientcert=no-verify other than for > > > > "cert" authentication, server complains as the following at startup. > > > > > > Why does clientcert=no-verify have any value, even for a > > > cert-authentication line? > > > > > > > > LOG: no-verify or 0 is the default setting that is discouraged to > > > > > use explicitly for clientcert option > > > > > HINT: Consider removing the option instead. This option value is > > > > > going to be deprecated in later version. > > > > > CONTEXT: line 90 of configuration file > > > > > "/home/horiguti/data/data_noverify/pg_hba.conf" > > > > > > I think it should just be removed in PG 14. This is a configuration > > > setting, not an SQL-level item that needs a deprecation period. > > > > Ok, it is changed to just error out. I tempted to show a suggestion to > > removing the option in that case like the following, but *didn't* in > > this version of the patch. > > OK, I have developed the attached patch based on yours. I reordered the > tests, simplified the documentation, and removed the hint since they
Looks good to me. > will already get a good error message, and we will document this change Oops! I thought I had removed that in the patch. Sorry for the mistake and that also looks good to me. > in the release notes. It is also good you removed the 0/1 values for > this, since that was also confusing. We will put that removal in the > release notes too. Thank you for your assistance, Bruce! regards. -- Kyotaro Horiguchi NTT Open Source Software Center
