Re: Adding support for SSLKEYLOGFILE in the frontend

Thanks, Daniel.

Should there be the ifdef guard in here as well?

+ {"sslkeylogfile", NULL, NULL, NULL,
+ "SSL-Key-Log-File", "", 0, /* sizeof("") = 0 */
+ offsetof(struct pg_conn, sslkeylogfile)},
+

A small nit, this line should say NULL

+ /* line is guaranteed by OpenSSL to be NUL terminated */

Thanks

On Thu, Mar 13, 2025 at 5:07 PM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>
>
>
> > On 13 Mar 2025, at 19:31, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >
> > Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> writes:
> >> Adding the PG prefix to the envvar name addresses my collision
> >> concern, but I think Tom's comment upthread [1] was saying that we
> >> should not provide any envvar at all:
> >
> >>> I think it might be safer if we only accepted it as a connection
> >>> parameter and not via an environment variable.
> >
> >> Is the addition of the PG prefix enough to address that concern too?
> >
> > Indeed, I was advocating for *no* environment variable. The PG prefix
> > does not comfort me.
>
> Attached is a rebased version which fixes the test failure under autoconf (I
> had missed git adding the configure file..) and Windows where the backslashes
> weren't escaped properly. It also removes the environment variable and has
> documentation touchups.
>
> --
> Daniel Gustafsson
>

--
Thanks and regards
Abhishek Chanda