On 02.03.22 17:57, Tom Lane wrote:
> Allow root-owned SSL private keys in libpq, not only the backend.
>
> This change makes libpq apply the same private-key-file ownership
> and permissions checks that we have used in the backend since commit
> 9a83564c5. Namely, that the private key can be owned by either the
> current user or root (with different file permissions allowed in the
> two cases). This allows system-wide management of key files, which
> is just as sensible on the client side as the server, particularly
> when the client is itself some application daemon.
>
> Sync the comments about this between libpq and the backend, too.
>
> Back-patch of a59c79564 and 50f03473e into all supported branches.
I think this
libpq_gettext("private key file \"%s\" is not a regular file"),
should have a trailing newline in the string.