Re: [HACKERS] postmaster dead on startup from unportable SSL patch
| От | Bruce Momjian |
|---|---|
| Тема | Re: [HACKERS] postmaster dead on startup from unportable SSL patch |
| Дата | |
| Msg-id | 199909301753.NAA03560@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | postmaster dead on startup from unportable SSL patch (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
> Someone had the bright idea that the postmaster's -i switch could
> be redefined as
> -i same as it ever was
> -is accept only SSL connections
>
> Unfortunately, implementing that requires a getopt() that understands
> the GNU double-colon extension ("i::"). HPUX's getopt, which claims
> to be fully conformant to POSIX.2 and about six other standards,
> doesn't grok it. Net result: postmaster is quitting on startup with
> a "usage" message for me. Doubtless it will also fail on most other
> non-GNU-libc platforms.
>
> Unless we want to get into the business of supplying a substitute
> optarg() library routine, we're going to have to pick a more portable
> switch syntax for SSL. (I might also point out that "-is" used to
> have a quite different interpretation, ie "-i -s", which could trip
> up someone somewhere.)
-is is a totally broken option flag.
>
> I can see two reasonable choices: (a) pick a currently-unused
> switch letter that you specify *in addition to* -i, if you want
> only secure connections; (b) pick a currently-unused switch letter
> that you specify *instead of* -i, if you want only secure connections.
>
> I'd lean towards (a) except that both of the obvious choices, -s and -S,
> are already taken. If we go with (b), -I is available and perhaps not
> a totally off-the-wall choice, but I can't say I really like it.
I like option (a). Just pick any letter for the additional SSL flag
. It is SSL, you can use -L or -l. I would like to keep -i as
required, so when we tell people they have to use -i, they really have
to use -i for INET connection, not -i or -L.
>
> Comments? Ideas? Is it time to give up on getopt and go to multiletter
> switch names? (Of course that would break a lot of people's startup
> scripts... but we may someday be forced into it... maybe it's better
> to bite the bullet now.)
No, I don't think so. long opt names are more a headache than just
picking any new letter.
-- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026
В списке pgsql-hackers по дате отправления: