| From: | Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com> |
|---|---|
| To: | "Jonathan Gonzalez V(dot)" <jonathan(dot)abdiel(at)gmail(dot)com> |
| Cc: | Daniel Gustafsson <daniel(at)yesql(dot)se>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Make PGOAUTHCAFILE in libpq-oauth work out of debug mode |
| Date: | 2026-03-10 22:40:48 |
| Message-ID: | CAN4CZFMtcRDBQACw==1aHRBmdQDWNz=v4RqY0--iF=G6QfiQ3A@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello
I only have a few minor comments/questions:
Shouldn't we free oauth_ca_file in freePGconn?
Would a test case with an invalid/incorrect CA file be also useful, or
is that too much testing of curl internals?
diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 6db823808fc..24fda826dd1 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
Shouldn't the doc update also include oauth_ca_file?
+ {"oauth_ca_file", "PGOAUTHCAFILE", NULL, NULL,
+ "Oauth-CA-File", "", 64,
+ offsetof(struct pg_conn, oauth_ca_file)}
That should be OAuth-CA-File
+ * Allow to set the CA even if we're not in debug mode, this would make it easy
+ * to work on environments were the CA could be internal and available on every
+ * system, like big companies with airgap systems.
where the CA
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2026-03-10 22:47:52 | Re: index prefetching |
| Previous Message | Andres Freund | 2026-03-10 22:29:48 | Re: index prefetching |