Re: Support for NSS as a libpq TLS backend

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Andres Freund <andres@anarazel.de>
Cc: Stephen Frost <sfrost@snowman.net>, Daniel Gustafsson <daniel@yesql.se>, Robert Haas <robertmhaas@gmail.com>, Julien Rouhaud <rjuju123@gmail.com>, Jacob Champion <pchampion@vmware.com>, "pgsql-hackers@lists.postgresql.org" <pgsql-hackers@lists.postgresql.org>, "hlinnaka@iki.fi" <hlinnaka@iki.fi>, "andrew.dunstan@2ndquadrant.com" <andrew.dunstan@2ndquadrant.com>, "michael@paquier.xyz" <michael@paquier.xyz>, "thomas.munro@gmail.com" <thomas.munro@gmail.com>
Date: 2022-02-02T21:08:04Z
Lists: pgsql-hackers
On Tue, Feb  1, 2022 at 01:52:09PM -0800, Andres Freund wrote:
> There's https://hg.mozilla.org/projects/nspr/file/tip/pr/src - which is I
> think the upstream source.
> 
> A project without even a bare-minimal README at the root does have a "internal
> only" feel to it...

I agree --- it is a library --- if they don't feel the need to publish
the API, it seems to mean they want to maintain the ability to change it
at any time, and therefore it is inappropriate for other software to
rely on that API.

This is not the same as Postgres extensions needing to read the Postgres
source code --- they are an important but edge use case and we never saw
the need to standardize or publish the internal functions that must be
studied and adjusted possibly for major releases.

This kind of feels like the Chrome JavaScript code that used to be able
to be build separately for PL/v8, but has gotten much harder to do in
the past few years.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  If only the physical world exists, free will is an illusion.




Commits

  1. Add tab-completion for CREATE FOREIGN TABLE.

  2. Add tap tests for the schema publications.

  3. Move Perl test modules to a better namespace

  4. Adjust configure to insist on Perl version >= 5.8.3.

  5. Simplify code related to compilation of SSL and OpenSSL

  6. Introduce --with-ssl={openssl} as a configure option

  7. Implement support for bulk inserts in postgres_fdw

  8. Fix redundant error messages in client tools

  9. doc: Apply more consistently <productname> markup for OpenSSL

  10. Check ssl_in_use flag when reporting statistics