| From: | Andrew Chernow <ac(at)esilo(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Merlin Moncure <mmoncure(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PQinitSSL broken in some use casesf |
| Date: | 2009-02-13 19:40:43 |
| Message-ID: | 4995CCBB.5050605@esilo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew Chernow wrote:
>> At this point I like Merlin's proposal of a third parameter value to
>> PQinitSSL the best.
>
> I'm not opposed to it, although I don't think it is as clean as a new
> function.
>
>>
>> Also, this definition feels a bit wrong --- it's not possible for
>> all four cases to be valid, is it?
>>
>
> Yes it is.
>
> PQinitSSLExtended(0, 0); // don't init anything, PQinitSSL(0)
> PQinitSSLExtended(1, 0); // init ssl, don't init crypto
> PQinitSSLExtended(0, 1); // don't init ssl, init crypto
> PQinitSSLExtended(1, 1); // init both, default behavior, PQinitSSL(1)
>
Maybe the argument to PQinitSSLExtended should be a bit mask, making
this version more extendable ... PG_INITSSL, PG_INITCRYPTO?
Also, how about calling this PQinitSecure(int flags), since SSL is only
one thing it can init. This is just like merlin's suggestion but
without hacking the existing PQinitSSL.
--
Andrew Chernow
eSilo, LLC
every bit counts
http://www.esilo.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-02-13 19:49:03 | Re: PQinitSSL broken in some use casesf |
| Previous Message | Andrew Chernow | 2009-02-13 19:28:51 | Re: PQinitSSL broken in some use casesf |