| From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
|---|---|
| To: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
| Cc: | Andreas Karlsson <andreas(at)proxel(dot)se>, Martijn van Oosterhout <kleptog(at)svana(dot)org>, Magnus Hagander <magnus(at)hagander(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Supporting Windows SChannel as OpenSSL replacement |
| Date: | 2014-08-15 17:20:24 |
| Message-ID: | 53EE4158.2030506@vmware.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 08/15/2014 08:16 PM, Jeff Janes wrote:
> On Tue, Aug 12, 2014 at 10:52 AM, Heikki Linnakangas <
> hlinnakangas(at)vmware(dot)com> wrote:
>
>> On 08/06/2014 08:37 PM, Jeff Janes wrote:
>>
>>> But now it looks like 0002 needs a rebase....
>>
>> I've committed the refactoring patch, and here's a rebased and improved
>> version of the Windows SChannel implementation over that.
>
> On MinGW, I get the following error when compiling with options
> --host=x86_64-w64-mingw32 --without-zlib:
>
> be-secure.c: In function 'secure_open_server':
> be-secure.c:106:2: error: 'Port' has no member named 'peer_cn'
> be-secure.c:106:2: error: 'Port' has no member named 'peer_cn'
> make[3]: *** [be-secure.o] Error 1
> make[2]: *** [libpq-recursive] Error 2
> make[1]: *** [all-backend-recurse] Error 2
> make: *** [all-src-recurse] Error 2
>
> Should the ereport DEBUG2 be inside the "#ifdef USE_SSL"?
Yeah.
I've been thinking though, perhaps we should always have the ssl_in_use,
peer_cn and peer_cert_valid members in the Port struct. If not compiled
with USE_SSL, they would just always be false/NULL. Then we wouldn't
need #ifdefs around all the places that check hose fields either.
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2014-08-15 17:53:34 | Re: 9.5: Memory-bounded HashAgg |
| Previous Message | Jeff Janes | 2014-08-15 17:16:27 | Re: Supporting Windows SChannel as OpenSSL replacement |