Peter Eisentraut wrote:
> Using the attached patch, SSL will act over Unix-domain sockets. AFAICT, this
> just works. I didn't find a way to sniff a Unix-domain socket, however.
>
> How should we proceed with this?
I am confused by the shortness of this patch. Right now pg_hba.conf
has:
# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION]#
hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
These are all for TCP connections. How do we handle 'local' SSL
connection specification? Do we want to provide similar functionality
for local connections?
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://postgres.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +