Home > mailing lists

Re: Adding support for SSLKEYLOGFILE in the frontend - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Adding support for SSLKEYLOGFILE in the frontend
Date	April 14 23:16:38
Msg-id	E773D865-F919-4D5B-A248-57A1092E7B28@yesql.se Whole thread Raw
In response to	Re: Adding support for SSLKEYLOGFILE in the frontend (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: Adding support for SSLKEYLOGFILE in the frontend
List	pgsql-hackers

Tree view

> On 9 Apr 2025, at 20:45, Daniel Gustafsson <daniel@yesql.se> wrote:
>
>> On 9 Apr 2025, at 20:41, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
>>
>> Hello,
>>
>> On Thu, Apr 3, 2025 at 8:51 AM Daniel Gustafsson <daniel@yesql.se> wrote:
>>> Committed, after another round of testing and looking.
>>
>> I think we may want to consider marking sslkeylogfile as a debug
>> option (that is, opt->dispchar = "D") in fe-connect.c. Besides being a
>> true "debug option", this would also prevent a relatively unprivileged
>> user of postgres_fdw or dblink from logging the backend connection's
>> keys. WDYT?
>
> I think that sounds like a good idea, unless anyone thinks otherwise I'll go
> ahead and make it so.

Just to close the loop, this was done yesterday as 2970c75dd982.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Andrew Dunstan
Date: 14 April, 23:14:37
Subject: Re: pgsql: Non text modes for pg_dumpall, correspondingly change pg_restore

From: Jacob Champion
Date: 14 April, 23:17:13
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER

Re: Adding support for SSLKEYLOGFILE in the frontend - Mailing list pgsql-hackers

Previous

Next