Home > mailing lists

Re: [PATCH] Log details for client certificate failures - Mailing list pgsql-hackers

From	Jacob Champion
Subject	Re: [PATCH] Log details for client certificate failures
Date	May 4, 2022 02:05:30
Msg-id	a922e857c4e4a073f219bc5005b862eb22255c20.camel@vmware.com Whole thread Raw
In response to	Re: [PATCH] Log details for client certificate failures (Peter Eisentraut <peter.eisentraut@enterprisedb.com>)
Responses	Re: [PATCH] Log details for client certificate failures
List	pgsql-hackers

Tree view

On Tue, 2022-05-03 at 21:06 +0200, Peter Eisentraut wrote:
> The information in pg_stat_ssl is limited to NAMEDATALEN (see struct
> PgBackendSSLStatus).
> 
> It might make sense to align what your patch prints to identify
> certificates with what is shown in that view.

Sure, a max length should be easy enough to do. Is there a reason to
limit to NAMEDATALEN specifically? I was under the impression that we
would rather not have had that limitation in the stats framework, if we
could have avoided it. (In particular I think NAMEDATALEN will cut off
the longest possible Common Name by just five bytes.)

Thanks,
--Jacob

pgsql-hackers by date:

From: David Steele
Date: 04 May 2022, 00:47:21
Subject: Re: pg_walcleaner - new tool to detect, archive and delete the unneeded wal files (was Re: pg_archivecleanup - add the ability to detect, archive and delete the unneeded wal files on the primary)

From: Peter Smith
Date: 04 May 2022, 02:44:13
Subject: Re: Perform streaming logical transactions by background workers and parallel apply

Re: [PATCH] Log details for client certificate failures - Mailing list pgsql-hackers

Previous

Next