postgres ssl authentication? sockets?

Dr. Hawkins dochawk at gmail.com
Mon Jan 19 22:08:05 EST 2015


As I continue to poke around . . .

I really want to use postgres, not mysql for a variety of reasons.

revOpenDatabase() has an useSSL argument for mySQL, but not postgres.
Postgres, however, also has built in ssl, and can *require* an incoming
connection to use ssl, or can negotiate.

As I've experimented on a remote machine, I can get a connection with md5
authentication, but if I change the host type to "hostssl", I get the error

FATAL:  no pg_hba.conf entry for host "12.34.56.78", user "joe", database
"joesdb", SSL off

but "SSL off" ?  I have "ssl = on" in postgres.conf, but I didn't set the
certificates, etc.  However, from the postgres docs, it seems that those
will want another key from the client, and there's no way to specify this
for livecode.

I'm wondering if sockets might be a better approach.  Most of what I use
the remote db for would be better off asynchronously anyway--namely,
syncing databases.  If I could send a "change these" message to the remote
and just continue, knowing that I would eventually get a "you change these,
too" back that could execute once the local user hadn't typed or otherwise
interacted for some specified time period, it would be a huge gain in
usability (at the moment, once the user is idle for 2 seconds, a sync
attempt is made--but remotely, this could take a noticeable fraction of a
seconds. Usually, it's about 30ms with my ISP & host, but 250ms isn't rare
enough to ignore).

I'm toying with the sequence that an LC server at the other end launches a
standalone when nudged, and the socket is opened with the standalone, which
would be able to "wait 1 second" after every time it responded, and sleep a
second again if there was nothing waiting for it.  Also, a supervisor could
increase that wait time among the many instances of the standalone that
would be running.


-- 
Dr. Richard E. Hawkins, Esq.
(702) 508-8462



More information about the use-livecode mailing list