\conninfo and SSL
On startup, psql shows the SSL information:
$ psql 'sslmode=require host=localhost'
psql (9.2beta1)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
However, \conninfo does not mention SSL:
postgres=> \conninfo
You are connected to database "postgres" as user "postgres" on
host "localhost" at port "5432".
Should \conninfo mention SSL? Fortunately \c shows SSL information:
postgres=> \c
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
You are now connected to database "postgres" as user "postgres".
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
On Thu, May 31, 2012 at 9:04 PM, Bruce Momjian <bruce@momjian.us> wrote:
On startup, psql shows the SSL information:
$ psql 'sslmode=require host=localhost'
psql (9.2beta1)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)However, \conninfo does not mention SSL:
postgres=> \conninfo
You are connected to database "postgres" as user "postgres" on
host "localhost" at port "5432".Should \conninfo mention SSL? Fortunately \c shows SSL information:
postgres=> \c
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
You are now connected to database "postgres" as user "postgres".
Well, \c creates a new connection, so that's not really an information
command. It might not connect that trivially, depending on what
authentication method you use.
Including ssl info in \conninfo would be useful, I think.
//Magnus
On Thu, May 31, 2012 at 9:11 PM, Magnus Hagander <magnus@hagander.net> wrote:
On Thu, May 31, 2012 at 9:04 PM, Bruce Momjian <bruce@momjian.us> wrote:
On startup, psql shows the SSL information:
$ psql 'sslmode=require host=localhost'
psql (9.2beta1)
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)However, \conninfo does not mention SSL:
postgres=> \conninfo
You are connected to database "postgres" as user "postgres" on
host "localhost" at port "5432".Should \conninfo mention SSL? Fortunately \c shows SSL information:
postgres=> \c
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
You are now connected to database "postgres" as user "postgres".Well, \c creates a new connection, so that's not really an information
command. It might not connect that trivially, depending on what
authentication method you use.Including ssl info in \conninfo would be useful, I think.
//Magnus
A one-line change adds the SSL info on its own line like
------
You are connected to database "scratch" as user "scratch" on host
"127.0.0.1" at port "5432".
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
------
Does this need a more integrated presentation, and therefore a broader
change to make it translatable?
Regards,
Alastair.
*** a/src/bin/psql/command.c
--- b/src/bin/psql/command.c
*************** exec_command(const char *cmd,
*** 312,319 ****
--- 312,322 ----
printf(_("You are connected to
database \"%s\" as user \"%s\" via socket in \"%s\" at port
\"%s\".\n"),
db, PQuser(pset.db), host,
PQport(pset.db));
else
+ {
printf(_("You are connected to
database \"%s\" as user \"%s\" on host \"%s\" at port \"%s\".\n"),
db, PQuser(pset.db), host,
PQport(pset.db));
+ printSSLInfo();
+ }
}
}
On Sun, Jun 3, 2012 at 5:30 AM, Alastair Turner <bell@ctrlf5.co.za> wrote:
A one-line change adds the SSL info on its own line like
------
You are connected to database "scratch" as user "scratch" on host
"127.0.0.1" at port "5432".
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
------Does this need a more integrated presentation, and therefore a broader
change to make it translatable?
+1 for doing it that way.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
Excerpts from Robert Haas's message of mié jun 06 14:45:46 -0400 2012:
On Sun, Jun 3, 2012 at 5:30 AM, Alastair Turner <bell@ctrlf5.co.za> wrote:
A one-line change adds the SSL info on its own line like
------
You are connected to database "scratch" as user "scratch" on host
"127.0.0.1" at port "5432".
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
------Does this need a more integrated presentation, and therefore a broader
change to make it translatable?+1 for doing it that way.
Yeah, printSSLInfo already outputs translated stuff so this should be
OK. Merging both messages into a single translatable unit would be
pretty cumbersome, for no practical gain.
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
On Wednesday, June 6, 2012, Alvaro Herrera wrote:
Excerpts from Robert Haas's message of mié jun 06 14:45:46 -0400 2012:
On Sun, Jun 3, 2012 at 5:30 AM, Alastair Turner <bell@ctrlf5.co.za<javascript:;>>
wrote:
A one-line change adds the SSL info on its own line like
------
You are connected to database "scratch" as user "scratch" on host
"127.0.0.1" at port "5432".
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
------Does this need a more integrated presentation, and therefore a broader
change to make it translatable?+1 for doing it that way.
Yeah, printSSLInfo already outputs translated stuff so this should be
OK. Merging both messages into a single translatable unit would be
pretty cumbersome, for no practical gain.
Seems like a very low-impact change. Are people Ok with sneaking this into
9.2?
//Magnus
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
On Sun, Jun 3, 2012 at 5:30 AM, Alastair Turner <bell@ctrlf5.co.za> wrote:
A one-line change adds the SSL info on its own line like
------
You are connected to database "scratch" as user "scratch" on host
"127.0.0.1" at port "5432".
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
------Does this need a more integrated presentation, and therefore a broader
change to make it translatable?
Committed to master. I didn't make it conditional on a non-local
connection, though, since there seemed to be no reason to it that way.
P.S. Email mangles patches. It's better to attach them rather than
including them inline.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company