Re: [BUGS] PQconnectdb SSL (sslmode)

2005-08-25 Thread Michael Fuhr 
On Thu, Aug 25, 2005 at 06:20:52PM -0700, vishal saberwal wrote:
>
> I am not sure if this is a bug.

If you're not sure then it would be better to post to another mailing
list like pgsql-general or one of the more specific lists.  That
would expose your question to a larger pool of expertise, and it
would minimize the number of false bug reports.

> int ret=PQconnectdb("hostaddr=192.168.200.10 dbname=dbm user=postgres
> sslmode=prefer");
> 
> ' ret' prints -1.

PQconnectdb() returns a PGconn * -- why are you assigning the return
value to an int?  After PQconnectdb() you should be calling PQstatus()
and checking its return value.  If the status isn't CONNECTION_OK
then PQerrorMessage() should return a string saying why.  See the
libpq documentation for more information:

http://www.postgresql.org/docs/8.0/static/libpq.html#LIBPQ-CONNECT
http://www.postgresql.org/docs/8.0/static/libpq-status.html

-- 
Michael Fuhr

---(end of broadcast)---
TIP 1: if posting/reading through Usenet, please send an appropriate
   subscribe-nomail command to [EMAIL PROTECTED] so that your
   message can get through to the mailing list cleanly

[BUGS] PQconnectdb SSL (sslmode)

2005-08-25 Thread vishal saberwal 
hi,
I am not sure if this is a bug.

My PG_HBA.CONF

local all all trust
host all all 127.0.0.1 255.255.255.255 trust
host all all 192.168.0.0/16 trust
hostssl dbm all 192.168.200.201 255.255.255.255 md5

int ret=PQconnectdb("hostaddr=192.168.200.10 dbname=dbm user=postgres
sslmode=prefer");

' ret' prints -1.

Now when I change the above function to one with sslmode=allow, the
connection is established and query runs.

I do have (ssl=true) in postgresql.conf and have tested the
certificates and they are working right. I also restart the postmaster
after every change in postgresql.conf and pg_hba.conf.

I would prefer the connections are SSL and hence would like to use the
default "prefer" sslmode.

vish

---(end of broadcast)---
TIP 1: if posting/reading through Usenet, please send an appropriate
   subscribe-nomail command to [EMAIL PROTECTED] so that your
   message can get through to the mailing list cleanly