| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PQgetssl() and alternative SSL implementations |
| Date: | 2014-08-19 18:49:45 |
| Message-ID: | CA+TgmoZDJ6CKiuBMqNk3iS7LQ9GZuzS7RTYSOvRu8kJjRKWLng@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Aug 18, 2014 at 7:54 AM, Heikki Linnakangas
<hlinnakangas(at)vmware(dot)com> wrote:
> In order to support alternatives to OpenSSL, we need to wean off
> applications from using PQgetssl(). To do that, we have to provide an
> alternative API to get the same information. PQgetSSL() returns a pointer
> directly to the OpenSSL private struct, and you can do anything with that.
> We cannot have a generic interface that exposes everything, so we need to
> identify the information that people actually want, and expose that.
I have a hard time believing that something like this will really
satisfy anyone. Why not just add PQgetSchannelHandleOrWhatever() and
call it good? We can try to be incredibly thorough in exposing the
information people want and we will still inevitably miss something
that someone cares about; worse, we'll spend an awful lot of time and
energy along the way.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2014-08-19 19:03:15 | Re: PQgetssl() and alternative SSL implementations |
| Previous Message | Stephen Frost | 2014-08-19 18:40:15 | Re: PQgetssl() and alternative SSL implementations |