Re: Support for NSS as a libpq TLS backend
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Jacob Champion <pchampion@vmware.com>, Heikki Linnakangas <hlinnaka@iki.fi>, Andres Freund <andres@anarazel.de>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Andrew Dunstan <andrew.dunstan@2ndquadrant.com>, Stephen Frost <sfrost@snowman.net>, Thomas Munro <thomas.munro@gmail.com>
Date: 2021-01-18T07:08:44Z
Lists: pgsql-hackers
On Tue, Nov 17, 2020 at 04:00:53PM +0100, Daniel Gustafsson wrote: > Nice, thanks for the fix! I've incorporated your patch into the attached v20 > which also fixes client side error reporting to be more readable. The SCRAM > tests are now also hooked up, albeit with SKIP blocks for NSS, so they can > start getting fixed. On top of the set of TODO items mentioned in the logs of the patches, this patch set needs a rebase because it does not apply. In order to move on with this set, I would suggest to extract some parts of the patch set independently of the others and have two buildfarm members for the MSVC and non-MSVC cases to stress the parts that can be committed. Just seeing the size, we could move on with: - The ./configure set, with the change to introduce --with-ssl=openssl. - 0004 for strong randoms. - Support for cryptohashes. +/* + * BITS_PER_BYTE is also defined in the NSPR header files, so we need to undef + * our version to avoid compiler warnings on redefinition. + */ +#define pg_BITS_PER_BYTE BITS_PER_BYTE +#undef BITS_PER_BYTE This could be done separately. src/sgml/libpq.sgml needs to document PQdefaultSSLKeyPassHook_nss, no? -- Michael
Commits
-
Add tab-completion for CREATE FOREIGN TABLE.
- 74527c3e022d 15.0 cited
-
Add tap tests for the schema publications.
- 6b0f6f79eef2 15.0 cited
-
Move Perl test modules to a better namespace
- b3b4d8e68ae8 15.0 cited
-
Adjust configure to insist on Perl version >= 5.8.3.
- 92e6a98c3636 15.0 cited
-
Simplify code related to compilation of SSL and OpenSSL
- 092b785fad3d 14.0 landed
-
Introduce --with-ssl={openssl} as a configure option
- fe61df7f82aa 14.0 landed
-
Implement support for bulk inserts in postgres_fdw
- b663a4136331 14.0 cited
-
Fix redundant error messages in client tools
- 6be725e70161 14.0 cited
-
doc: Apply more consistently <productname> markup for OpenSSL
- 089da3c4778f 14.0 landed
-
Check ssl_in_use flag when reporting statistics
- 6a5c750f3f72 14.0 cited