Re: Support for sslverify
| От | Magnus Hagander |
|---|---|
| Тема | Re: Support for sslverify |
| Дата | |
| Msg-id | E46762F0-1B3F-4700-9583-8FCC29424A29@hagander.net обсуждение исходный текст |
| Ответ на | Re: Support for sslverify (Dave Page <dpage@pgadmin.org>) |
| Ответы |
Re: Support for sslverify
|
| Список | pgadmin-hackers |
On 15 mar 2009, at 17.00, Dave Page <dpage@pgadmin.org> wrote: > On Sun, Mar 15, 2009 at 2:51 PM, Magnus Hagander > <magnus@hagander.net> wrote: >> We've seen it here and Dave reported to me on IM that he has received >> further reports of people getting stuck by the new 8.4 SSL code that >> verifies server certificates by default. >> >> I think this will happen for example for everybody who has their pg >> on a >> debian server and their client elsewhere, for example, since debian >> enables a snakeoil SSL cert by default (which in itself is a pretty >> bad >> idea, but it's what they do) >> >> >> Should we provide an option to override this (connection option >> sslverify) in the connection dialog? And is it something we need to >> do >> for this version (yes, I know it's already in beta..) > > There's support for this in libpq aready? If so, then please go ahead > and fix pgAdmin :-) Yes, that was part of the original patch. You can set to verify all (never before, and default), verify ca (default before *if* the root cert was there) or no verification at all. > Note that the server connection diagloue is already pretty much at the > maximum height, so any changes there will probably need to include > splitting of the tabset. Crap. That something we want to do between betas? /Magnus
В списке pgadmin-hackers по дате отправления: