Re: Adding support for SSLKEYLOGFILE in the frontend
Jacob Champion <jacob.champion@enterprisedb.com>
From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: Álvaro Herrera <alvherre@alvh.no-ip.org>, Daniel Gustafsson <daniel@yesql.se>, Tom Lane <tgl@sss.pgh.pa.us>, Abhishek Chanda <abhishek.becs@gmail.com>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2025-03-20T16:58:47Z
Lists: pgsql-hackers
On Thu, Mar 20, 2025 at 3:58 AM Heikki Linnakangas <hlinnaka@iki.fi> wrote: > > I'm not sure if openssl has some locking on it, OpenSSL leaves it up to the application (us). OpenSSL 3.5 will apparently add a builtin implementation, which from a quick skim does use locking. As another datapoint, libcurl's implementation appears to rely on implicit flockfile(). --Jacob
Commits
-
Fix sslkeylogfile error handling logging
- a6c0bf93031d 19 (unreleased) landed
- 39f01083facd 18.0 landed
-
Mark sslkeylogfile as Debug option
- 2970c75dd982 18.0 landed
-
libpq: Add support for dumping SSL key material to file
- 2da74d8d6400 18.0 landed