| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Cc: | Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com> |
| Subject: | Making openssl_tls_init_hook OpenSSL specific |
| Date: | 2020-04-16 12:17:33 |
| Message-ID: | E1BB5261-5C89-494A-841B-283DAD27A2EA@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Commit 896fcdb230e72 (sorry for chiming in too late, I missed that thread)
added a TLS init hook which is OpenSSL specific: openssl_tls_init_hook. Since
the rest of the TLS support in the backend is library agnostic, we should IMO
make this hook follow that pattern, else this will make a non-OpenSSL backend
not compile.
If we make the hook generic, extension authors must have a way to tell which
backend invoked it, so maybe the best option is to simply wrap this hook in
USE_OPENSSL ifdefs and keep the name/signature? Looking at the Secure
Transport patch I wrote, there is really no equivalent callsite; the same goes
for a libnss patch which I haven't yet submitted.
The attached adds USE_OPENSSL guards.
cheers ./daniel
| Attachment | Content-Type | Size |
|---|---|---|
| openssl_hook_guards.patch | application/octet-stream | 1.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2020-04-16 12:20:34 | Re: Do we need to handle orphaned prepared transactions in the server? |
| Previous Message | Zhang, Jie | 2020-04-16 10:54:09 | RE: [PATHC] Fix minor memory leak in pg_basebackup |