Re: [HACKERS] GnuTLS support

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Thu, Nov 29, 2018 at 8:28 AM Peter Eisentraut
> <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
>> I have decided that I don't want to pursue this patch anymore. It has
>> served its purpose having allowed us to refine the SSL library
>> abstractions so that alternative implementations such as macOS Secure
>> Transport can go ahead. But officially supporting GnuTLS as an
>> alternative to OpenSSL doesn't seem to have any practical advantages, so
>> I don't foresee this getting committed into PostgreSQL core.

> Hmm, I find that a bit disappointing. I'm not in a position to take up
> the patch right now, unfortunately.

Yeah, I was disappointed too. OpenSSL has had a squirrelly enough track
record that it'd be nice not to be totally dependent on it. But, like
both of you, I'm not quite motivated enough to take up the patch myself.

Anyway, if the OpenSSL situation changes enough to affect the cost/benefit
calculus, at least we should be able to re-open this patch with some
confidence that we've not painted ourselves into a corner.

regards, tom lane