RE: SSL Patch - again :-)

> > * I changed the meaning of "-l" from "Listen to only SSL" to
> >   "Disable SSL". It seems safe to me to do this since the 
> >   previous function of "-l" never worked anyway.
> >   Using this switch, you can start the postmaster without
> >   having the secret key and the certificate file in place.
> 
> I'd rather see SSL off by default and `-l' enabling it, but that's a
> trivial change if we agree on it.
No problem with me :-)
It should just be to change the default of RequireSSL to false, and then set
it to "true" when -l is specified.


> > Right now, the only way to set "requiressl" for psql is to use
> > an environment variable. I'd like it to be possible to do this 
> > using the commandline for example, probably using a "psql 
> variable". 
> 
> We need to think in terms of all client applications though. 
> Ideally we'd
> use some sort of option letter, but we'd never find one that's
> consistently available. What do people think about optionally 
> making the
> host paramater URI style, e.g. "pgsql://localhost" or
> "pgsql-ssl://localhost" or even 
> "pgsql://user:password@foo.com:6543". A
> bare host defaults to "pgsql://name:5432". Hmm, I think I 
> would like that
> in terms of extensibility. Doesn't JDBC work like that already?

I think I wasn't clear enough. :-) It can *already* be specified by any
client application as long as you use PQconnectdb(). For example:
PQconnectdb("dbname='foo' host='localhost' requiressl=1")

(I just put it into the "PQconninfoOptions" array.)
(Now that I think of it, I never really *tested* that part, though :-) But I
think it shuold work. [testing]. Yes, it works.)


> > But that would require changing psql to use PQconnectDb() instead 
> > of PQsetdbLogin(), so I figured I should check first :-) [BTW, 
> > PQconnectDb() is the recommended way of doing it nowadays, right?]
> 
> In theory yes, and this might well be a good reason to start doing so,
> because you won't get away with changing the prototype of 
> PQsetdbLogin().
Exactly my thougts :-)


> > Documentation is coming up,
> 
> Nice...
> 
> Any thoughts about client (and server) authentication via SSL?
Yup, I've been thinking about it. :-)
I was thinking of adding a authentication type "sslcert" (in addition to the
ident, trust, password etc that exist today) only valid for "sslhost" lines.
Then a map somewhere similar to the "ident-map" in concept mapping a SSL
certificate subject name to a postgres username. (Or maybe that should be
done similar to pg_shadow, modifyable from inside the db?)


//Magnus