projects / users / rhaas / postgres.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9c14dd2)
Show SSL encryption information when logging connections
authorMagnus Hagander <[email protected]>
Fri, 17 Jan 2014 12:27:18 +0000 (13:27 +0100)
committerMagnus Hagander <[email protected]>
Fri, 17 Jan 2014 12:32:31 +0000 (13:32 +0100)
Expand the messages when log_connections is enabled to include the
fact that SSL is used and the SSL cipher information.

Dr. Andreas Kunert, review by Marko Kreen

src/backend/utils/init/postinit.c patch | blob | blame | history

diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c
index db67d7471a2d7e43282e5909ca8a1c5da8ff4018..258108165fc94dc5e09312ebc50704a43a17a476 100644 (file)
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@@ -230,13 +230,31 @@ PerformAuthentication(Port *port)
        if (Log_connections)
        {
                if (am_walsender)
-                       ereport(LOG,
-                                       (errmsg("replication connection authorized: user=%s",
-                                                       port->user_name)));
+               {
+#ifdef USE_SSL
+                       if (port->ssl)
+                               ereport(LOG,
+                                               (errmsg("replication connection authorized: user=%s SSL(protocol: %s, cipher: %s) enabled",
+                                                               port->user_name, SSL_get_version(port->ssl), SSL_get_cipher(port->ssl))));
+                       else
+#endif
+                               ereport(LOG,
+                                               (errmsg("replication connection authorized: user=%s",
+                                                               port->user_name)));
+               }
                else
-                       ereport(LOG,
-                                       (errmsg("connection authorized: user=%s database=%s",
-                                                       port->user_name, port->database_name)));
+               {
+#ifdef USE_SSL
+                       if (port->ssl)
+                               ereport(LOG,
+                                               (errmsg("connection authorized: user=%s database=%s SSL(protocol: %s, cipher: %s) enabled",
+                                                               port->user_name, port->database_name, SSL_get_version(port->ssl), SSL_get_cipher(port->ssl))));
+                       else
+#endif
+                               ereport(LOG,
+                                               (errmsg("connection authorized: user=%s database=%s",
+                                                               port->user_name, port->database_name)));
+               }
        }
 
        set_ps_display("startup", false);
Robert Haas's development tree.