Hi,

"Endpoint" in this context means "twisted endpoint". Twisted endpoints provide an abstract (but not too abstract) means for doing things like listening and connecting, and include TLS support.

https://twistedmatrix.com/documents/current/core/howto/endpoints.html

An example (minimally specified) TLS endpoint: tls:example.com:443.

Note: we tend to use UNIX domain sockets much more than TCP these days, and I don't believe I've ever tested TLS from CalendarServer to Postgres, but it should work if Postgres is configured correctly and you do the right stuff with certs, etc.

To answer your question, I think the adoption of endpoints by CalendarServer was intended to reap the benefits of endpoints over the previous connection handling code, and omission of a separate TLS parameter is a side effect.

-dre

Sent from my iPhone

On Jun 2, 2016, at 8:48 AM, Axel Rau <Axel.Rau@chaos1.de> wrote:

   "DatabaseConnection": { # Used to connect to an external database if DBType is non-empty
       "endpoint": "",     # Database connection endpoint
       "database": "",     # Name of database or Oracle SID
       "user": "",         # User name to connect as
       "password": "",     # Password to use
   },
Is this intentional to omit the ssl parameter here?

Axel
---
PGP-Key:29E99DD6 ☀ computing @ chaos claudius

_______________________________________________
calendarserver-dev mailing list
calendarserver-dev@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/calendarserver-dev