Re: [HACKERS] Feature request: Logging SSL connections

2014-01-19 Thread Magnus Hagander
On Fri, Jan 17, 2014 at 4:53 PM, Tom Lane t...@sss.pgh.pa.us wrote: Magnus Hagander mag...@hagander.net writes: Applied, thanks! Minor bikeshedding: the messages would read better, to my eye, as user=%s database=%s SSL enabled (protocol=%s, cipher=%s) Putting enabled where it is requires

Re: [HACKERS] Feature request: Logging SSL connections

2014-01-17 Thread Magnus Hagander
On Sun, Dec 8, 2013 at 10:27 AM, Marko Kreen mark...@gmail.com wrote: On Fri, Dec 06, 2013 at 02:53:27PM +0100, Dr. Andreas Kunert wrote: Anything else missing? Functionally it's fine now, but I see few style problems: - if (port-ssl 0) is wrong, -ssl is pointer. So use just

Re: [HACKERS] Feature request: Logging SSL connections

2014-01-17 Thread Tom Lane
Magnus Hagander mag...@hagander.net writes: Applied, thanks! Minor bikeshedding: the messages would read better, to my eye, as user=%s database=%s SSL enabled (protocol=%s, cipher=%s) Putting enabled where it is requires extra mental gymnastics on the part of the reader. And why the random

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-08 Thread Marko Kreen
On Fri, Dec 06, 2013 at 02:53:27PM +0100, Dr. Andreas Kunert wrote: Anything else missing? Functionally it's fine now, but I see few style problems: - if (port-ssl 0) is wrong, -ssl is pointer. So use just if (port-ssl). - Deeper indentation would look nicer with braces. - There are

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-06 Thread Dr. Andreas Kunert
That seems useful. Do we need more information, like whether a client certificate was presented, or what ciphers were used? Yes, please show ciphersuite and TLS version too. Andreas, you can use my recent \conninfo patch as template:

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-06 Thread Marko Kreen
On Fri, Dec 06, 2013 at 11:43:55AM +0100, Dr. Andreas Kunert wrote: That seems useful. Do we need more information, like whether a client certificate was presented, or what ciphers were used? Yes, please show ciphersuite and TLS version too. Andreas, you can use my recent \conninfo patch

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-06 Thread Dr. Andreas Kunert
Anything else missing? Functionally it's fine now, but I see few style problems: - if (port-ssl 0) is wrong, -ssl is pointer. So use just if (port-ssl). - Deeper indentation would look nicer with braces. - There are some duplicated message, could you restructure it so that each message

[HACKERS] Feature request: Logging SSL connections

2013-12-05 Thread Dr. Andreas Kunert
Hello, we were really missing the information in our log files if (and which of) our users are using SSL during their connections. The attached patch is a very simple solution to this problem - it just tests if the ssl pointer in Port is null. If no, it adds SSL to the logfile, otherwise it

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-05 Thread Peter Eisentraut
On 12/5/13, 8:53 AM, Dr. Andreas Kunert wrote: we were really missing the information in our log files if (and which of) our users are using SSL during their connections. The attached patch is a very simple solution to this problem - it just tests if the ssl pointer in Port is null. If no,

Re: [HACKERS] Feature request: Logging SSL connections

2013-12-05 Thread Marko Kreen
On Thu, Dec 05, 2013 at 09:43:31AM -0500, Peter Eisentraut wrote: On 12/5/13, 8:53 AM, Dr. Andreas Kunert wrote: we were really missing the information in our log files if (and which of) our users are using SSL during their connections. The attached patch is a very simple solution to