Quick Links

Re: Adding support for SSLKEYLOGFILE in the frontend

From:	Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Abhishek Chanda <abhishek(dot)becs(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org, Daniel Gustafsson <daniel(at)yesql(dot)se>
Subject:	Re: Adding support for SSLKEYLOGFILE in the frontend
Date:	2025-01-09 20:36:16
Message-ID:	CAOYmi+=mQpiEE0_qo-4Q5FtZ3wC2Jp-a9kPr_aUN2L6hhsncbA@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Wed, Jan 8, 2025 at 5:17 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> I think it might be safer if we only accepted it as a connection
> parameter and not via an environment variable.

Making it a connection parameter also keeps us from colliding with any
other linked libraries' use of SSLKEYLOGFILE (I'm thinking about
libcurl at the moment, but I think maybe NSS used it too?).

--Jacob

In response to

Re: Adding support for SSLKEYLOGFILE in the frontend at 2025-01-09 01:17:30 from Tom Lane

Responses

Re: Adding support for SSLKEYLOGFILE in the frontend at 2025-01-10 03:59:21 from Abhishek Chanda

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Daniel Gustafsson	2025-01-09 20:40:04	Re: [PoC] Federated Authn/z with OAUTHBEARER
Previous Message	Nikolay Samokhvalov	2025-01-09 20:32:53	pg_dump, pg_dumpall, pg_restore: Add --no-policies option