On Friday 10 April 2009 17:13:55 Martin Pitt wrote: > However, we can't afford to break existing installations. If a user > has 8.4 installed locally, he'll use libpq from 8.4, and suddenly he > could not connect to a remote SSL 8.3 cluster any more. So the check > needs at least be turned into a warning for connecting to a pre-8.4 > server.
This is not a question of new client with old server. The new version of the client has a more secure default that will possibly prevent it from connecting to *any* server that is not adequately configured. But it's a default, so the user can change it. Consider the analogy that a new web browser comes out that verifies server certificates (as of course all respectable browsers do nowadays) whereas the previous version one didn't. The right fix there is certainly not to downgrade this to a warning when connecting to an older web server. Not to mention the security implications: A rogue server could simply pretend to be of an older version to circumvent the client's security check. -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
