database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-24 00:23:06 +03:00
Code Activity

Add notBefore and notAfter to SSL cert info display

Browse Source 
This adds the X509 attributes notBefore and notAfter to sslinfo
as well as pg_stat_ssl to allow verifying and identifying the
validity period of the current client certificate.

Author: Cary Huang <cary.huang@highgo.ca>
Discussion: https://postgr.es/m/182b8565486.10af1a86f158715.2387262617218380588@highgo.ca
This commit is contained in:
Daniel Gustafsson
2023-07-20 17:07:32 +02:00
parent 40fad96530
commit 75ec5e7bec
18 changed files with 246 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/backend/utils/activity/backend_status.c
View File

@@ -367,6 +367,8 @@ pgstat_bestart(void)
be_tls_get_peer_subject_name(MyProcPort, lsslstatus.ssl_client_dn, NAMEDATALEN);
be_tls_get_peer_serial(MyProcPort, lsslstatus.ssl_client_serial, NAMEDATALEN);
be_tls_get_peer_issuer_name(MyProcPort, lsslstatus.ssl_issuer_dn, NAMEDATALEN);
be_tls_get_peer_not_before(MyProcPort, &lsslstatus.ssl_not_before);
be_tls_get_peer_not_after(MyProcPort, &lsslstatus.ssl_not_after);
}
else
{