Home > mailing lists

Re: Adding support for SSLKEYLOGFILE in the frontend - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Adding support for SSLKEYLOGFILE in the frontend
Date	April 9 21:45:06
Msg-id	C0C63BE4-E9EC-4B78-92F8-A5C72E686375@yesql.se Whole thread Raw
In response to	Re: Adding support for SSLKEYLOGFILE in the frontend (Jacob Champion <jacob.champion@enterprisedb.com>)
Responses	Re: Adding support for SSLKEYLOGFILE in the frontend
List	pgsql-hackers

Tree view

> On 9 Apr 2025, at 20:41, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
>
> Hello,
>
> On Thu, Apr 3, 2025 at 8:51 AM Daniel Gustafsson <daniel@yesql.se> wrote:
>> Committed, after another round of testing and looking.
>
> I think we may want to consider marking sslkeylogfile as a debug
> option (that is, opt->dispchar = "D") in fe-connect.c. Besides being a
> true "debug option", this would also prevent a relatively unprivileged
> user of postgres_fdw or dblink from logging the backend connection's
> keys. WDYT?

I think that sounds like a good idea, unless anyone thinks otherwise I'll go
ahead and make it so.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Jacob Champion
Date: 09 April, 21:41:39
Subject: Re: Adding support for SSLKEYLOGFILE in the frontend

From: "David G. Johnston"
Date: 09 April, 21:49:07
Subject: Re: n_ins_since_vacuum stats for aborted transactions

Re: Adding support for SSLKEYLOGFILE in the frontend - Mailing list pgsql-hackers

Previous

Next