| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SSL information view |
| Date: | 2014-07-12 14:36:04 |
| Message-ID: | 31891.1405175764@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> As an administrator, I find that you fairly often want to know what
> your current connections are actually using as SSL parameters, and
> there is currently no other way than gdb to find that out - something
> we definitely should fix.
I'm wondering whether it's such a great idea that everybody can see
everybody else's client DN. Other than that, no objection to the
concept.
> Second, I was planning to implement it by adding fields to
> PgBackendStatus and thus to BackendStatusArray, booleans directly in
> the struct and strings similar to how we track for example hostnames.
> Anybody see a problem with that?
Space in that array is at a premium, and again the client DN seems
problematic, in that it's not short and has no clear upper bound.
If you were to drop the DN from the proposed view then I'd be fine
with this.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2014-07-12 15:01:01 | Re: SSL information view |
| Previous Message | Andres Freund | 2014-07-12 13:51:28 | Re: tab completion for setting search_path |