Michael Paquier wrote: > Note for committers: attached is a small script that will generate a > client certificate with extensions enabled. This is helpful when > testing this patch. Once created, then simply connect with something > like this connection string: > "host=127.0.0.1 sslmode=verify-full sslcert=client.crt > sslkey=client.key sslrootcert=server.crt" > By querying the new function implemented by this patch the information > about the client certificate extensions will show up.
Thanks, this was useful. I made a couple extra cleanups to the patch, namely: do not call CreateTemplateTupleDesc() just to discard the resulting tupdesc with a subsequent get_call_result_type(); and do not write a \0 to the BIO_s_mem, and instead use BIO_get_mem_data's return value as length when converting str to text *. And pushed. FWIW I now think I made a mistake with the error checks that I backpatched, because the wording of the error messages I used "failed to foo" is frowned upon by our message style guidelines. Should be "could not do foo" instead. Thanks, -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers