Complain if pg_hba.conf contains "hostssl" but SSL is disabled.

Most commenters agreed that this is more friendly than silently failing
to match the line during actual connection attempts.  Also, this will
prevent corner cases that might arise when trying to handle such a line
when the SSL code isn't turned on.  An example is that specifying
clientcert=1 in such a line would formerly result in a completely
misleading complaint that root.crt wasn't present, as seen in a recent
report from Marc-Andre Laverdiere.  While we could have instead fixed
that specific behavior, it seems likely that we'd have a continuing stream
of such bizarre behaviors if we keep on allowing hostssl lines when SSL is
disabled.

Back-patch to 8.4, where clientcert was introduced.  Earlier versions don't
have this specific issue, and the code is enough different to make this
patch not applicable without more work than it seems worth.
This commit is contained in:
Tom Lane 2011-04-26 15:40:14 -04:00
parent 6ba0d8d5ac
commit af9fb26e2d

View File

@ -27,6 +27,7 @@
#include "libpq/ip.h"
#include "libpq/libpq.h"
#include "postmaster/postmaster.h"
#include "regex/regex.h"
#include "replication/walsender.h"
#include "storage/fd.h"
@ -707,8 +708,20 @@ parse_hba_line(List *line, int line_num, HbaLine *parsedline)
if (token[4] == 's') /* "hostssl" */
{
/* SSL support must be actually active, else complain */
#ifdef USE_SSL
if (EnableSSL)
parsedline->conntype = ctHostSSL;
else
{
ereport(LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("hostssl requires SSL to be turned on"),
errhint("Set ssl = on in postgresql.conf."),
errcontext("line %d of configuration file \"%s\"",
line_num, HbaFileName)));
return false;
}
#else
ereport(LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),