Re: [BUGS] BUG #4340: SECURITY: Is SSL Doing Anything?
Bruce Momjian wrote: > Tom Lane wrote: > > Dan Kaminsky <[EMAIL PROTECTED]> writes: > > > Second, are you saying verify_peer doesn't do anything for > > > authentication? Are you sure about that? There's really little reason > > > otherwise for the call to exist. > > > > Er, we don't *have* a verify_peer callback. > > Uh, the user reported running Postgres 7.3 and we have improved SSL > quite a bit since then so perhaps an upgrade and reading the current > docs would help the user. The code is identical in HEAD, according to a quick read I did last week. -- Alvaro Herrerahttp://www.CommandPrompt.com/ The PostgreSQL Company - Command Prompt, Inc. -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
Re: [BUGS] BUG #4340: SECURITY: Is SSL Doing Anything?
Alvaro Herrera <[EMAIL PROTECTED]> writes: >> Tom Lane wrote: >>> Er, we don't *have* a verify_peer callback. >> >> Uh, the user reported running Postgres 7.3 and we have improved SSL >> quite a bit since then so perhaps an upgrade and reading the current >> docs would help the user. > The code is identical in HEAD, according to a quick read I did last > week. Actually, I had missed that the OP was looking at 7.3 rather than 8.3. There was a "verify_peer()" in 7.3 but it was #ifdef'd out. The question remains whether there's a reason to have it. It would be good if the discussion were based on a non-obsolete PG version ... regards, tom lane -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
