Re: sslinfo extension - add notbefore and notafter timestamps

From: Cary Huang <cary(dot)huang(at)highgo(dot)ca>
To: "Daniel Gustafsson" <daniel(at)yesql(dot)se>
Cc: "Pgsql Hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: sslinfo extension - add notbefore and notafter timestamps
Date: 2023-06-23 20:10:22
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> Off the cuff that doesn't seem like a bad idea, but I wonder if we should add
> them to pg_stat_ssl (or both) instead if we deem them valuable?

I think the same information should be available to pg_stat_ssl as well. pg_stat_ssl can show the client certificate information for all connecting clients, having it to show not_before and not_after timestamps of every client are important in my opinion. The attached patch "v2-0002-pg-stat-ssl-add-notbefore-and-notafter-timestamps.patch" adds this support

> Re the patch, it would be nice to move the logic in ssl_client_get_notafter and
> the _notbefore counterpart to a static function since they are copies of
> eachother.

Yes agreed. I have made the adjustment attached as "v2-0001-sslinfo-add-notbefore-and-notafter-timestamps.patch"

would this feature be suitable to be added to commitfest? What do you think?

thank you

Cary Huang
HighGo Software Inc. (Canada)

Attachment Content-Type Size
v2-0001-sslinfo-add-notbefore-and-notafter-timestamps.patch application/octet-stream 6.5 KB
v2-0002-pg-stat-ssl-add-notbefore-and-notafter-timestamps.patch application/octet-stream 14.0 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Daniel Gustafsson 2023-06-23 20:23:04 Re: sslinfo extension - add notbefore and notafter timestamps
Previous Message Ranier Vilela 2023-06-23 19:43:11 Re: Making empty Bitmapsets always be NULL