pgsql: Add notBefore and notAfter to SSL cert info display

From: Daniel Gustafsson <dgustafsson(at)postgresql(dot)org>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Add notBefore and notAfter to SSL cert info display
Date: 2023-07-20 15:10:21
Message-ID: E1qMVIK-000SkH-Ee@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Add notBefore and notAfter to SSL cert info display

This adds the X509 attributes notBefore and notAfter to sslinfo
as well as pg_stat_ssl to allow verifying and identifying the
validity period of the current client certificate.

Author: Cary Huang <cary(dot)huang(at)highgo(dot)ca>
Discussion: https://postgr.es/m/182b8565486.10af1a86f158715.2387262617218380588@highgo.ca

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/75ec5e7bec700577d39d653c316e3ae6c505842c

Modified Files
--------------
contrib/sslinfo/Makefile | 2 +-
contrib/sslinfo/meson.build | 1 +
contrib/sslinfo/sslinfo--1.2--1.3.sql | 12 ++++++
contrib/sslinfo/sslinfo.c | 67 +++++++++++++++++++++++++++++
contrib/sslinfo/sslinfo.control | 2 +-
doc/src/sgml/monitoring.sgml | 20 +++++++++
doc/src/sgml/sslinfo.sgml | 30 +++++++++++++
src/backend/catalog/system_views.sql | 4 +-
src/backend/libpq/be-secure-openssl.c | 47 ++++++++++++++++++++
src/backend/utils/activity/backend_status.c | 2 +
src/backend/utils/adt/pgstatfuncs.c | 46 ++++++++++++--------
src/include/catalog/catversion.h | 2 +-
src/include/catalog/pg_proc.dat | 6 +--
src/include/libpq/libpq-be.h | 2 +
src/include/utils/backend_status.h | 2 +
src/test/regress/expected/rules.out | 12 +++---
src/test/ssl/t/001_ssltests.pl | 8 ++--
src/test/ssl/t/003_sslinfo.pl | 14 ++++++
18 files changed, 246 insertions(+), 33 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Daniel Gustafsson 2023-07-20 15:20:38 pgsql: Revert "Add notBefore and notAfter to SSL cert info display"
Previous Message Daniel Gustafsson 2023-07-20 13:10:01 pgsql: pg_upgrade: include additional detail in cluster check