Re: Support for NSS as a libpq TLS backend

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Jacob Champion <pchampion(at)vmware(dot)com>
Cc: "daniel(at)yesql(dot)se" <daniel(at)yesql(dot)se>, "hlinnaka(at)iki(dot)fi" <hlinnaka(at)iki(dot)fi>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org>, "andrew(dot)dunstan(at)2ndquadrant(dot)com" <andrew(dot)dunstan(at)2ndquadrant(dot)com>, "sfrost(at)snowman(dot)net" <sfrost(at)snowman(dot)net>, "thomas(dot)munro(at)gmail(dot)com" <thomas(dot)munro(at)gmail(dot)com>, "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de>
Subject: Re: Support for NSS as a libpq TLS backend
Date: 2021-02-02 01:06:08
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Tue, Feb 02, 2021 at 12:42:23AM +0000, Jacob Champion wrote:
> (Looks like thread safety for NSS_Init was added in 3.13, so we have an
> absolute version floor.)

If that's the case, I would recommend to add at least something in the
section called install-requirements in the docs.

> If pgcrypto is backend-only then I don't think it should need
> multithreading protection; is that right?

No need for it in the backend, unless there are plans to switch from
processes to threads there :p

libpq, ecpg and anything using them have to care about that. Worth
noting that OpenSSL also has some special handling in libpq with
CRYPTO_get_id_callback() and that it tracks the number of opened

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Michael Paquier 2021-02-02 01:32:19 Re: Allow CLUSTER, VACUUM FULL and REINDEX to change tablespace on the fly
Previous Message Tommy Li 2021-02-02 00:59:35 Re: a verbose option for autovacuum