Extended test coverage and docs for SSL passphrase commands
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2025-11-07T20:26:38Z
Lists: pgsql-hackers
Attachments
- v1-0002-ssl-Add-connection-and-reload-tests-for-key-passp.patch (application/octet-stream) patch v1-0002
- v1-0001-doc-Clarify-passphrase-command-reloading-on-Windo.patch (application/octet-stream) patch v1-0001
When I was writing tests for the SSL SNI patch [0] I realized that the current tests for ssl passphrase commands aren't fully exercising the feature, so I extended them to better understand how it works. Attached is an extended set of tests for passphrase protected keys where connection and reloads are tested as well as their different characteristics on Windows. The patchset also contains a small doc addition which documents the fact that passphrase command reloading must be on when running on Windows (EXEC_BACKEND) since every backend will issue a SSL configuration reload. -- Daniel Gustafsson
Commits
-
doc: Clarify passphrase command reloading on Windows
- cbb69a65a7d2 17.8 landed
- eb7743e3e4f5 15.16 landed
- 9a26ff8c0e99 14.21 landed
- 54ba4a66fdc4 16.12 landed
- 2f9ec456aece 18.2 landed
- 0f4f45772c5a 19 (unreleased) landed
-
ssl: Add connection and reload tests for key passphrases
- 348020caa7be 19 (unreleased) landed
-
Add GUC to show EXEC_BACKEND state
- b3fe098d330f 19 (unreleased) landed