| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | Re: PQgetssl() and alternative SSL implementations |
| Date: | 2014-08-19 16:10:01 |
| Message-ID: | 20140819161000.GF6817@eldon.alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Stephen Frost wrote:
> * Heikki Linnakangas (hlinnakangas(at)vmware(dot)com) wrote:
>
> > Indeed, the ODBC driver only uses libpq for authentication, then
> > calls PQgetssl(), and takes over the whole show calling SSL_read()
> > and SSL_write() itself. Ideally, we'd modify psqlodbc to stop doing
> > that, but that's not an easy job. In the short-term, I think we need
> > to export pqsecure_read() and pqsecure_write() functions in libpq,
> > so that the ODBC driver can use those instead of SSL_read() and
> > SSL_write().
>
> Yeah, that's what I remembered. There was an attempt to make that
> change at one point, but it was reverted due to the lack of batching
> ability in libpq (without resorting to cursors, as I recall...),
> requiring double the memory usage. Still, if pqsecure_read and
> pqsecure_write are sufficient to make the ODBC driver work, that's good
> news. I had been worried it did other things with the OpenSSL struct
> beyond just using those.
Um, libpq has recently gained the ability to return result fragments,
right? Those didn't exist when libpq-ification of odbc was attempted,
as I recall -- perhaps it's possible now.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-08-19 16:11:07 | Re: PQgetssl() and alternative SSL implementations |
| Previous Message | Andres Freund | 2014-08-19 16:05:54 | Re: PQgetssl() and alternative SSL implementations |