Quick Links

Re: Adding support for SSLKEYLOGFILE in the frontend

From:	Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
To:	Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc:	PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Abhishek Chanda <abhishek(dot)becs(at)gmail(dot)com>, Álvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>
Subject:	Re: Adding support for SSLKEYLOGFILE in the frontend
Date:	2025-04-09 18:41:39
Message-ID:	CAOYmi+=5GyBKpu7bU4D_xkAnYJTj=rMzGaUvHO99-DpNG_YKcw@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hello,

On Thu, Apr 3, 2025 at 8:51 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
> Committed, after another round of testing and looking.

I think we may want to consider marking sslkeylogfile as a debug
option (that is, opt->dispchar = "D") in fe-connect.c. Besides being a
true "debug option", this would also prevent a relatively unprivileged
user of postgres_fdw or dblink from logging the backend connection's
keys. WDYT?

--Jacob

In response to

Re: Adding support for SSLKEYLOGFILE in the frontend at 2025-04-03 15:51:11 from Daniel Gustafsson

Responses

Re: Adding support for SSLKEYLOGFILE in the frontend at 2025-04-09 18:45:06 from Daniel Gustafsson

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Daniel Gustafsson	2025-04-09 18:45:06	Re: Adding support for SSLKEYLOGFILE in the frontend
Previous Message	Sami Imseih	2025-04-09 18:31:55	Re: n_ins_since_vacuum stats for aborted transactions