Re: [PATCH] Add support for GnuTLS

On Mon, May 29, 2006 at 11:21:16PM -0400, Tom Lane wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > I think we are ready to move forward with this. Please supply an
> > updated patch ready for application. Thanks.
>
> I'm still not very happy with the size/invasiveness of that patch.

I think the size is unavoidable due to the amount of code being copied
between files. As an example I've created a version of the patch which
contains the minimal number of changes required for GnuTLS support.
That weighs in at 48KB. It does it by putting everything required into
one file and using #ifdefs to determine which code to compile.

Note: it's just an example, I wouldn't suggest adding it. For starters,
the #ifdef forest is a text-book example of how not to do things.
However, any increase in modularisation is going to increase the size
of the patch due to the moving around of code. If you have any
suggestions about the trade-off between modularity and patch size, I'd
like to hear them.

At the end of the day, what really needs to happen is that a position
needs to be taken:

1. No, never support anything other than OpenSSL
2. Yes, support GnuTLS but not in this form
3. Yes, accept patch as is (with updates for CVS drift)

Once a decision has been made, whatever it is, we can move forward. The
other features of the original patch can be added later if needed.

> FWIW, Red Hat's legal department thinks that the FSF has "overreached"
> in claiming that the GPL is incompatible with OpenSSL's license. Which
> is why Red Hat isn't worrying about GPL apps that use OpenSSL, of which
> there are quite a few ...

It is absolutly true that being a limited liability company and having
money to pay lawyers helps with legal questions.

Have a ncie day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.