Re: [PoC] Federated Authn/z with OAUTHBEARER

From: Wolfgang Walther <walther(at)technowledgy(dot)de>
To: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>
Cc: Christoph Berg <myon(at)debian(dot)org>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Nazir Bilal Yavuz <byavuz81(at)gmail(dot)com>, Antonin Houska <ah(at)cybertec(dot)at>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: 2025-04-11 16:21:14
Message-ID: 487dacec-6d8d-46c0-a36f-d5b8c81a56f1@technowledgy.de
Lists: pgsql-hackers

Jacob Champion:
> On Wed, Apr 9, 2025 at 4:42 PM Jelte Fennema-Nio <postgres(at)jeltef(dot)nl> wrote:
>> I think your suggestion of not using any .so files would be best there (from a user perspective). I'd be quite surprised if a static build still resulted in me having to manage shared library files anyway.
> Done this way in v5. I had planned to separate the implementations by
> a #define, but I ran into issues with Makefile.shlib, so I split the
> shared and dynamic versions into separate files. I just now realized
> that we do something about this exact problem in src/common, so I'll
> see if I can copy its technique for the next go round.

I tried to apply this patch to nixpkgs' libpq build [1]. First, I pinned
a recent commit from master (one where the v5 patch will apply cleanly
later) and enabled --with-libcurl [2].

At this stage, without the patch applied, I observe the following:

1. The default, dynamically linked, build succeeds and libpq.so is
linked to libcurl.so as expected!

2. The statically linked build fails during configure:

  checking for curl_multi_init in -lcurl... no
  configure: error: library 'curl' does not provide curl_multi_init

config.log tells me that it can't link to libcurl, because of undefined
references, for example:

  undefined reference to `psl_is_cookie_domain_acceptable'
  undefined reference to `nghttp2_session_check_request_allowed'

I assume the many libs listed in Libs.private in libcurl.pc are not
added automatically for this check?

Next, I applied the v5 patch and:

3. Running the same build as in step 1 above (dynamically linked), I can
see that libpq.so does have some reference to dlopen / libpq-oauth in it
- good. But libpq-oauth.so itself is not built. The commands I am using
to build just the libpq package are essentially like this:

  make submake-libpgport
  make submake-libpq
  make -C src/bin/pg_config install
  make -C src/common install
  make -C src/include install
  make -C src/interfaces/libpq install
  make -C src/port install

I tried adding "make submake-libpq-oauth", but that doesn't exist.

When I do "make -C src/interfaces/libpq-oauth", I get this error:

  make: *** No rule to make target 'oauth-curl.o', needed by 'libpq-oauth-18.so'.  Stop.

Not sure how to proceed to build libpq-oauth.so.

4. The statically linked build fails with the same configure error as above.

I can only test autoconf right now, not meson - don't have a working
setup for that, yet.

Best,

Wolfgang

[1]:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/sql/postgresql/libpq.nix
