Re: Extended test coverage and docs for SSL passphrase commands

Álvaro Herrera <alvherre@kurilemu.de>

From: Álvaro Herrera <alvherre@kurilemu.de>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Peter Eisentraut <peter@eisentraut.org>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Chao Li <li.evan.chao@gmail.com>
Date: 2025-11-24T17:08:24Z
Lists: pgsql-hackers
On 2025-Nov-23, Daniel Gustafsson wrote:

> > On 22 Nov 2025, at 14:00, Álvaro Herrera <alvherre@kurilemu.de> wrote:

> > I think the parallel to debug_assertions is not perfect, because you
> > can turn off debug_assertions in a server built with them included,
> > but you cannot turn off EXEC_BACKEND.
> 
> debug_assertions cannot be disabled anymore, since 3bdcf6a5a755.

Hah, 2014 -- goes to show that I don't try very often ;-)  (I do have a
separate build tree for no-assertions, which I don't use very often
either.)

> > This says we shouldn't name the symbol with the DEFAULT word: it
> > should just be "EXEC_BACKEND_ENABLED".
> 
> Regardless, I totally agree with that, fixed in the attached along
> with the review comments from upthread.

This looks reasonable to me, thanks.

-- 
Álvaro Herrera               48°01'N 7°57'E  —  https://www.EnterpriseDB.com/
"No nos atrevemos a muchas cosas porque son difíciles,
pero son difíciles porque no nos atrevemos a hacerlas" (Séneca)



Commits

  1. doc: Clarify passphrase command reloading on Windows

  2. ssl: Add connection and reload tests for key passphrases

  3. Add GUC to show EXEC_BACKEND state