Tom Lane wrote:
> Magnus Hagander writes:
>> Uh, it's not "on" if it's not "on". I'd rather call them "off", "on" and
>> something like "maybe" or "external" or "file". I'd find it very bad if
>> you can say "sslverify=on" and then *not* end up getting it because of
>> some external factor. That
Hiroshi Inoue wrote:
> Magnus Hagander wrote:
>> Bruce Momjian wrote:
>>> Martin Pitt wrote:
I do see the benefit of failing to connect to an SSL-enabled server
*if* I have a root.crt which doesn't match. But why fail if I don't
have one?
>>> I have digested this thread, and have don
Bruce Momjian wrote:
> Bruce Momjian wrote:
>> It would be nice if 'sslverify' mimicked 'sslmode', which has these
>> values:
>>
>> disable
>> allow
>> prefer
>> require
>>
>> I don't see how we could use 'allow', but 'disable', 'prefer', and
>> 'require' seem to work for sslver
On 12 apr 2009, at 11.13, Peter Eisentraut wrote:
On Sunday 12 April 2009 01:58:26 Magnus Hagander wrote:
"sslmode=prefer" honestly makes no sense - if I don't care if it
ends up
encrypted or not (which it means), then why not just run with SSL off
and not have to deal with the overhead?
On Sunday 12 April 2009 01:58:26 Magnus Hagander wrote:
> "sslmode=prefer" honestly makes no sense - if I don't care if it ends up
> encrypted or not (which it means), then why not just run with SSL off
> and not have to deal with the overhead?
Perhaps a large part of the problem at hand is in fac
Magnus Hagander wrote:
> > One random idea is to fold both of these settings into sslmode, with
> > the
> > following progression:
> >
> > disable, allow, prefer, require, require-cert, require-cn
> >
> > And then set the default to "disable", because as you say "prefer"
> > is pretty
> > silly
Magnus Hagander wrote:
Hiroshi Inoue wrote:
Magnus Hagander wrote:
Bruce Momjian wrote:
Martin Pitt wrote:
I do see the benefit of failing to connect to an SSL-enabled server
*if* I have a root.crt which doesn't match. But why fail if I don't
have one?
I have digested this thread, and have d
Guys, did anyone looked on this annoying problem? I beleive it may be
solved by using compiler directive only, e.g. #ifdef __MINGW__ or
whatever. I just have no idea what directive used for MinGW
(Windows?).
You wrote:
PG> The following bug has been logged online:
PG> Bug reference: 4662
PG
