Re: Support for NSS as a libpq TLS backend
| От | Daniel Gustafsson |
|---|---|
| Тема | Re: Support for NSS as a libpq TLS backend |
| Дата | |
| Msg-id | DA91E5F0-5F9D-41A7-A7A6-B91CDE0F1D63@yesql.se обсуждение исходный текст |
| Ответ на | Re: Support for NSS as a libpq TLS backend (Andrew Dunstan <andrew.dunstan@2ndquadrant.com>) |
| Ответы |
Re: Support for NSS as a libpq TLS backend
|
| Список | pgsql-hackers |
> On 5 Aug 2020, at 22:38, Andrew Dunstan <andrew.dunstan@2ndquadrant.com> wrote: > > On 8/4/20 5:42 PM, Daniel Gustafsson wrote: >>> On 3 Aug 2020, at 21:18, Andrew Dunstan <andrew.dunstan@2ndquadrant.com> wrote: >>> On 8/3/20 12:46 PM, Andrew Dunstan wrote: >>>> On 7/31/20 4:44 PM, Andrew Dunstan wrote: >>>>> OK, here is an update of your patch that compiles and runs against NSS >>>>> under Windows (VS2019). >> Out of curiosity since I'm not familiar with Windows, how hard/easy is it to >> install NSS for the purpose of a) hacking on postgres+NSS and b) using postgres >> with NSS as the backend? > > I've laid out the process at > https://www.2ndquadrant.com/en/blog/nss-on-windows-for-postgresql-development/ That's fantastic, thanks for putting that together. >>>> OK, this version contains pre-generated nss files, and passes a full >>>> buildfarm run including the ssl test module, with both openssl and NSS. >>>> That should keep the cfbot happy :-) Turns out the CFBot doesn't like the binary diffs. They are included in this version too but we should probably drop them again it seems. >> Exciting, thanks a lot for helping out on this! I've started to look at the >> required documentation changes during vacation, will hopefully be able to post >> something soon. > > Good. Having got the tests running cleanly on Linux, I'm now going back > to work on that for Windows. > > After that I'll look at the hook/callback stuff. The attached v9 contains mostly a first stab at getting some documentation going, it's far from completed but I'd rather share more frequently to not have local trees deviate too much in case you've had time to hack as well. I had a few documentation tweaks in the code too, but no real functionality change for now. The 0001 patch isn't strictly necessary but it seems reasonable to address the various ways OpenSSL was spelled out in the docs while at updating the SSL portions. It essentially ensures that markup around OpenSSL and SSL is used consistently. I didn't address the linelengths being too long in this patch to make review easier instead. cheers ./daniel
Вложения
В списке pgsql-hackers по дате отправления: