| From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | Re: [HACKERS] postmaster dead on startup from unportable SSL patch |
| Date: | 1999-09-30 17:53:16 |
| Message-ID: | 199909301753.NAA03560@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Someone had the bright idea that the postmaster's -i switch could
> be redefined as
> -i same as it ever was
> -is accept only SSL connections
>
> Unfortunately, implementing that requires a getopt() that understands
> the GNU double-colon extension ("i::"). HPUX's getopt, which claims
> to be fully conformant to POSIX.2 and about six other standards,
> doesn't grok it. Net result: postmaster is quitting on startup with
> a "usage" message for me. Doubtless it will also fail on most other
> non-GNU-libc platforms.
>
> Unless we want to get into the business of supplying a substitute
> optarg() library routine, we're going to have to pick a more portable
> switch syntax for SSL. (I might also point out that "-is" used to
> have a quite different interpretation, ie "-i -s", which could trip
> up someone somewhere.)
-is is a totally broken option flag.
>
> I can see two reasonable choices: (a) pick a currently-unused
> switch letter that you specify *in addition to* -i, if you want
> only secure connections; (b) pick a currently-unused switch letter
> that you specify *instead of* -i, if you want only secure connections.
>
> I'd lean towards (a) except that both of the obvious choices, -s and -S,
> are already taken. If we go with (b), -I is available and perhaps not
> a totally off-the-wall choice, but I can't say I really like it.
I like option (a). Just pick any letter for the additional SSL flag
. It is SSL, you can use -L or -l. I would like to keep -i as
required, so when we tell people they have to use -i, they really have
to use -i for INET connection, not -i or -L.
>
> Comments? Ideas? Is it time to give up on getopt and go to multiletter
> switch names? (Of course that would break a lot of people's startup
> scripts... but we may someday be forced into it... maybe it's better
> to bite the bullet now.)
No, I don't think so. long opt names are more a headache than just
picking any new letter.
--
Bruce Momjian | http://www.op.net/~candle
maillist(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 1999-10-01 00:49:03 | Re: [HACKERS] postmaster dead on startup from unportable SSL patch |
| Previous Message | Zakkr | 1999-09-30 17:13:12 | TO_CHAR() |