Re: [PATCH] Reload SSL certificates on SIGHUP

On 12/04/2016 03:20 PM, Michael Paquier wrote:
> On Sun, Dec 4, 2016 at 11:11 PM, Andreas Karlsson <andreas@proxel.se> wrote:
>> On 12/04/2016 02:12 PM, Michael Paquier wrote:
>>>
>>> One last thing that I think is missing in this patch is for users the
>>> possibility to check via SQL if the SSL context is actually loaded or
>>> not. As the context is reloaded after all the new values are
>>> available, with the current patch users may see that ssl is set to on
>>> but no context is loaded. So why not adding for example a read-only
>>> parameter that maps with SSLLoaded?
>>
>>
>> The other three issues are easy to fix, but this one is a bit trickier. Do
>> you mean that we should add another GUC here which is read-only?
>
> Yes, that's what I meant. It is hard to track if the reloading has
> been effective or not.
>
>> Does this have a precedent in the code?
>
> data_checksums in guc.c is an example, it is marked with
> GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE and its value is updated with
> SetConfigOption() when the control file is read. The idea would be to
> do something like that with LoadedSSL.

Thanks. I will be quite busy the upcoming couple of weeks so there will 
be a while until I can sit down with this. Feel free to contribute to 
the patch.

Andreas