Tom Lane wrote: > Magnus Hagander <[EMAIL PROTECTED]> writes: >> Attached patch cleans up the certificate verification in libpq, and adds >> a configuration paraqmeter to control it. The new parameter is >> "sslverify", and can be set to: > >> * cn = default = will validate that the certificate chains to a trusted >> root, *and* that the cn on the certificate matches the hostname >> specificed in the connection. This is the only option that prevents >> man-in-the-middle attacks completely, and therefor is the default. > > How can you make that the default? Won't it immediately break every > installation without certificates?
*all* SSL installations have certificate on the server side. You cannot run without it. And obviously the setting only has effect if you are actually running over SSL. > The patch seems pretty far short of sufficient as far as supporting a > new conninfo option goes --- for instance it appears to leak the string > at disconnect. Check through all the references to some existing option > field to see if you missed anything else. Hmm. yeah, I hadn't finished that part - and promptly forgot about that :S Will look it over again. //Magnus -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
