From: | Andreas Karlsson <andreas(at)proxel(dot)se> |
---|---|
To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
Cc: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Subject: | Re: [HACKERS] GnuTLS support |
Date: | 2017-11-27 01:05:39 |
Message-ID: | 5951fcd2-393d-f90c-4780-2f6e4c94693e@proxel.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 11/20/2017 02:56 AM, Michael Paquier wrote:
> On Mon, Nov 20, 2017 at 9:42 AM, Tomas Vondra
> <tomas(dot)vondra(at)2ndquadrant(dot)com> wrote:
>> If I get it right we ignore gnutls and use openssl (as it's the first
>> checked in #ifdefs). Shouldn't we enforce in configure that only one TLS
>> implementation is enabled? Either by some elaborate check, or by
>> switching to something like
>>
>> --with-ssl=(openssl|gnutls)
>
> WIth potential patches coming to use macos' SSL implementation or
> Windows channel, there should really be only one implementation
> available at compile time. That's more simple as a first step as well.
> So +1 for the --with-ssl switch.
I have now implemented this in the attached patch (plus added support
for channel binding and rebased it) but I ran into one issue which I
have not yet solved. The script for the windows version takes the
--with-openssl=<path> switch so that cannot just be translated to a
single --with-ssl switch. Should to have both --with-openssl and
--with-gnutls or --with-ssl=(openssl|gnutls) and --with-ssl-path=<path>?
I also do not know the Windows build code very well (or really at all).
Andreas
Attachment | Content-Type | Size |
---|---|---|
gnutls-v5.patch | text/x-patch | 86.1 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Paquier | 2017-11-27 01:20:15 | Re: [HACKERS] GnuTLS support |
Previous Message | Michael Paquier | 2017-11-27 01:03:25 | Re: [HACKERS] More stats about skipped vacuums |