TLS checking in pgstat

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: TLS checking in pgstat
Date: 2020-06-28 11:39:38
Message-ID: B88BC38F-BBF1-4755-976E-F8418667656D@yesql.se
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

As I mentioned in [1], checking (struct Port)->ssl for NULL to determine
whether TLS is used for connection is a bit of a leaky abstraction, as that's
an OpenSSL specific struct member. This sets the requirement that all TLS
implementations use a pointer named SSL, and that the pointer is set to NULL in
case of a failed connection, which may or may not fit.

Is there a reason to not use (struct Port)->ssl_in_use flag which tracks just
what we're looking for here? This also maps against other parts of the
abstraction in be-secure.c which do just that. The attached implements this.

cheers ./daniel

[1] FAB21FC8-0F62-434F-AA78-6BD9336D630A(at)yesql(dot)se

Attachment Content-Type Size
ssl_reporting.patch application/octet-stream 1.2 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Dilip Kumar 2020-06-28 12:22:38 Re: [HACKERS] Custom compression methods
Previous Message Daniel Gustafsson 2020-06-28 11:10:48 Commitfest 2020-07