| From: | Cary Huang <cary(dot)huang(at)highgo(dot)ca> |
|---|---|
| To: | "Daniel Gustafsson" <daniel(at)yesql(dot)se> |
| Cc: | "Pgsql Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: sslinfo extension - add notbefore and notafter timestamps |
| Date: | 2023-06-23 20:10:22 |
| Message-ID: | 188e9e114e2.1168b3bda837794.3324050820866856527@highgo.ca |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Off the cuff that doesn't seem like a bad idea, but I wonder if we should add
> them to pg_stat_ssl (or both) instead if we deem them valuable?
I think the same information should be available to pg_stat_ssl as well. pg_stat_ssl can show the client certificate information for all connecting clients, having it to show not_before and not_after timestamps of every client are important in my opinion. The attached patch "v2-0002-pg-stat-ssl-add-notbefore-and-notafter-timestamps.patch" adds this support
> Re the patch, it would be nice to move the logic in ssl_client_get_notafter and
> the _notbefore counterpart to a static function since they are copies of
> eachother.
Yes agreed. I have made the adjustment attached as "v2-0001-sslinfo-add-notbefore-and-notafter-timestamps.patch"
would this feature be suitable to be added to commitfest? What do you think?
thank you
Cary Huang
-------------
HighGo Software Inc. (Canada)
cary(dot)huang(at)highgo(dot)ca
www.highgo.ca
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0001-sslinfo-add-notbefore-and-notafter-timestamps.patch | application/octet-stream | 6.5 KB |
| v2-0002-pg-stat-ssl-add-notbefore-and-notafter-timestamps.patch | application/octet-stream | 14.0 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2023-06-23 20:23:04 | Re: sslinfo extension - add notbefore and notafter timestamps |
| Previous Message | Ranier Vilela | 2023-06-23 19:43:11 | Re: Making empty Bitmapsets always be NULL |