Re: Support for NSS as a libpq TLS backend

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Kevin Burke <kevin(at)burke(dot)dev>
Cc: Jacob Champion <pchampion(at)vmware(dot)com>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "andrew(dot)dunstan(at)2ndquadrant(dot)com" <andrew(dot)dunstan(at)2ndquadrant(dot)com>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>, "rachelmheaton(at)gmail(dot)com" <rachelmheaton(at)gmail(dot)com>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "michael(at)paquier(dot)xyz" <michael(at)paquier(dot)xyz>, "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de>
Subject: Re: Support for NSS as a libpq TLS backend
Date: 2021-10-29 11:54:29
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> On 29 Oct 2021, at 06:31, Kevin Burke <kevin(at)burke(dot)dev> wrote:

Thanks for testing the patch!

> I believe that these patches need to integrate the refactoring in commit
> b3b4d8e68ae83f432f43f035c7eb481ef93e1583 - git is searching for the wrong text
> in the existing file

Correct, b3b4d8e68 as well as b4c4a00ea both created conflicts with this
patchset. Attached is an updated patchset fixing both of those as well as
adding version checks for NSS and NSPR to autoconf (with fallbacks for
non-{nss|nspr}-config systems). The versions picked are semi-arbitrary and
definitely up for discussion. I chose them mainly as they were the oldest
commonly available packages I found, and they satisfy the requirements we have.

> I'm not sure how to submit a patch against a patch.

If you've done the work of fixing the conflicts in a rebase, the best option is
IMO to supply a whole new version of the patchset since that will make the CF
patch tester be able to build and test the version.

Daniel Gustafsson

Attachment Content-Type Size
v46-0001-nss-Support-libnss-as-TLS-library-in-libpq.patch application/octet-stream 103.2 KB
v46-0002-Refactor-SSL-testharness-for-multiple-library.patch application/octet-stream 11.6 KB
v46-0003-nss-Add-NSS-specific-tests.patch application/octet-stream 59.0 KB
v46-0004-test-check-for-empty-stderr-during-connect_ok.patch application/octet-stream 3.7 KB
v46-0005-nss-pg_strong_random-support.patch application/octet-stream 2.0 KB
v46-0006-nss-Documentation.patch application/octet-stream 35.6 KB
v46-0007-nss-Support-NSS-in-pgcrypto.patch application/octet-stream 24.9 KB
v46-0008-nss-Support-NSS-in-sslinfo.patch application/octet-stream 3.6 KB
v46-0009-nss-Support-NSS-in-cryptohash.patch application/octet-stream 6.1 KB
v46-0010-nss-Build-infrastructure.patch application/octet-stream 24.8 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message tomas 2021-10-29 12:14:35 plpgsql: can I use a variable in a DECLARE later whithin the DECLARE?
Previous Message Nitin Jadhav 2021-10-29 11:38:52 Re: when the startup process doesn't (logging startup delays)