Re: Adding support for SSLKEYLOGFILE in the frontend
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Jacob Champion <jacob.champion@enterprisedb.com>
Cc: Daniel Gustafsson <daniel@yesql.se>,
Abhishek Chanda <abhishek.becs@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2025-03-13T18:31:24Z
Lists: pgsql-hackers
Jacob Champion <jacob.champion@enterprisedb.com> writes: > Adding the PG prefix to the envvar name addresses my collision > concern, but I think Tom's comment upthread [1] was saying that we > should not provide any envvar at all: >> I think it might be safer if we only accepted it as a connection >> parameter and not via an environment variable. > Is the addition of the PG prefix enough to address that concern too? Indeed, I was advocating for *no* environment variable. The PG prefix does not comfort me. regards, tom lane
Commits
-
Fix sslkeylogfile error handling logging
- a6c0bf93031d 19 (unreleased) landed
- 39f01083facd 18.0 landed
-
Mark sslkeylogfile as Debug option
- 2970c75dd982 18.0 landed
-
libpq: Add support for dumping SSL key material to file
- 2da74d8d6400 18.0 landed