| From: | Cary Huang <cary(dot)huang(at)highgo(dot)ca> |
|---|---|
| To: | "Jacob Champion" <jacob(dot)champion(at)enterprisedb(dot)com> |
| Cc: | "Daniel Gustafsson" <daniel(at)yesql(dot)se>, "PostgreSQL Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: sslinfo extension - add notbefore and notafter timestamps |
| Date: | 2024-03-09 00:16:35 |
| Message-ID: | 18e20919332.11723d9f32317930.6858237055699092267@highgo.ca |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello
Thank you for the review and your patch. I have tested with minimum OpenSSL version 1.0.2 support and incorporated your changes into the v9 patch as attached.
> In my -08 timezone, the date doesn't match what's recorded either
> (it's my "tomorrow"). I think those probably just need to be converted
> to UTC explicitly? I've attached a sample diff on top of v8 that
> passes tests on my machine.
Yes, I noticed this in the SSL test too. I am also in GTM-8, so for me the tests would fail too due to the time zone differences from GMT. It shall be okay to specifically set the outputs of pg_stat_ssl, ssl_client_get_notbefore, and ssl_client_get_notafte to be in GMT time zone. The not before and not after time stamps in a client certificate are generally expressed in GMT.
Thank you!
Cary Huang
-------------
HighGo Software Inc. (Canada)
cary(dot)huang(at)highgo(dot)ca
www.highgo.ca
| Attachment | Content-Type | Size |
|---|---|---|
| v9-0001-Add-notBefore-and-notAfter-to-SSL-cert-info-displ.patch | application/octet-stream | 25.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | jian he | 2024-03-09 01:13:34 | Re: Emitting JSON to file using COPY TO |
| Previous Message | jian he | 2024-03-09 00:00:00 | Re: POC, WIP: OR-clause support for indexes |