Re: [HACKERS] GnuTLS support

Greetings,

* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> > On Thu, Nov 29, 2018 at 8:28 AM Peter Eisentraut
> > <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> >> I have decided that I don't want to pursue this patch anymore. It has
> >> served its purpose having allowed us to refine the SSL library
> >> abstractions so that alternative implementations such as macOS Secure
> >> Transport can go ahead. But officially supporting GnuTLS as an
> >> alternative to OpenSSL doesn't seem to have any practical advantages, so
> >> I don't foresee this getting committed into PostgreSQL core.
>
> > Hmm, I find that a bit disappointing. I'm not in a position to take up
> > the patch right now, unfortunately.
>
> Yeah, I was disappointed too. OpenSSL has had a squirrelly enough track
> record that it'd be nice not to be totally dependent on it. But, like
> both of you, I'm not quite motivated enough to take up the patch myself.

I'm also pretty disappointed by this, although admittedly I think my
interest would be more in adding libNSS support than GnuTLS, but I had
viewed this as a good stepping stone to get there. Perhaps it still can
be though.

Thanks!

Stephen