Re: Extended test coverage and docs for SSL passphrase commands

Hi Daniel,

I just reviewed the patch and got a few comments.

> On Nov 22, 2025, at 06:38, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>
>
> The attached v2 adds a GUC debug_exec_backend which can be used to get the
> state of the running cluster, much like how debug_assertions will tell whether
> or not assertions were compiled in or not. (Per an idea off-list conversation
> about this.) This will be operating system independent and reusable in other
> tests as well.
>
> The rest of the patches are the same, just adapted to use this GUC in the SSL
> test.
>
> --
> Daniel Gustafsson
>
> <v2-0001-Add-GUC-to-show-EXEC_BACKEND-state.patch><v2-0002-doc-Clarify-passphrase-command-reloading-on-Windo.patch><v2-0003-ssl-Add-connection-and-reload-tests-for-key-passp.patch>

1 - 0001
```
+ short_desc => 'Shows whether the running server is running in EXEC_BACKEND mode.',
```

The GUC is added like a mirror of debug_assertions. However, I think a small difference is that, assertions will impact everything at runtime, while EXEC_BACKEND don’t really impact PG’s behavior, instead it only impacts how backend processes are spawned. Thus, I feel “running server is EXEC_BACKEND mode” is a little bit inaccurate, maybe just say “show whether the running server is built with EXEC_BACKEND”.

2 - 0002
```
+ This parameter must be set to <literal>on</literal> when running on
+ <systemitem class="osname">Windows</systemitem> since all connections
```

This is not a comment. I’m just thinking that, as EXEC_BACKEND is compile flag, when a server is started, it knows if EXEC_BACKEND is enabled or not. So that, if ssl_passphrase_command must be turned on, why cannot we automatically turn on it?

3 - 0003
```
+$node->log_check(
+ "passhprase could reload private key",

```

Typo: passhprase -> passphrase

Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/