On Wed, Mar 5, 2025 at 9:21 AM Daniel Gustafsson <daniel@yesql.se> wrote:
> I managed to misunderstand skip blocks in TAP tests in the 0002, so the
> attached version fixes that. It has been failing on Debian in CI which I have
> yet to look into.
Drive-by comment:
> + {"sslkeylogfile", "PGSSLKEYLOGFILE",
> + "", NULL,
> + "SSL-Key-Log-File", "", 0, /* sizeof("") = 0 */
> + offsetof(struct pg_conn, sslkeylogfile)},
Adding the PG prefix to the envvar name addresses my collision
concern, but I think Tom's comment upthread [1] was saying that we
should not provide any envvar at all:
> I think it might be safer if we only accepted it as a connection
> parameter and not via an environment variable.
Is the addition of the PG prefix enough to address that concern too?
(Are people already sanitizing their environments for all PG*
variables?)
Thanks,
--Jacob
[1] https://postgr.es/m/1774813.1736385450%40sss.pgh.pa.us
