On Thu, Dec 17, 2020 at 01:15:37AM +0100, Daniel Gustafsson wrote: > In vtls library contexts are abstracted to the core code, with implementations > supplying a struct with a set of function pointers implementing functionality > (this difference is due to libcurl supporting multiple TLS libraries compiled > at the same time, something postgres IMO shouldn't do). We do give > implementations a bit more leeway with how feature complete they must be, > mainly due to the wide variety of libraries supported (from OpenSSL to IBM > GSKit and most ones in between). While basic it has served us quite well and > we have had first time contributors successfully come with a new TLS library > as > a patch.
This infrastructure has been chosen because curl requires to be able to use multiple types of libraries at run-time, right? I don't think we need to get down to that for Postgres and keep things so as we are only able to use one TLS library at the same time, the one compiled with. This makes the protocol simpler. But perhaps I just lack ambition and vision. -- Michael
signature.asc
Description: PGP signature