From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
---|---|
To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
Subject: | Re: PQgetssl() and alternative SSL implementations |
Date: | 2014-08-19 16:22:39 |
Message-ID: | 53F379CF.5090100@vmware.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 08/19/2014 07:10 PM, Alvaro Herrera wrote:
> Stephen Frost wrote:
>> * Heikki Linnakangas (hlinnakangas(at)vmware(dot)com) wrote:
>>
>>> Indeed, the ODBC driver only uses libpq for authentication, then
>>> calls PQgetssl(), and takes over the whole show calling SSL_read()
>>> and SSL_write() itself. Ideally, we'd modify psqlodbc to stop doing
>>> that, but that's not an easy job. In the short-term, I think we need
>>> to export pqsecure_read() and pqsecure_write() functions in libpq,
>>> so that the ODBC driver can use those instead of SSL_read() and
>>> SSL_write().
>>
>> Yeah, that's what I remembered. There was an attempt to make that
>> change at one point, but it was reverted due to the lack of batching
>> ability in libpq (without resorting to cursors, as I recall...),
>> requiring double the memory usage. Still, if pqsecure_read and
>> pqsecure_write are sufficient to make the ODBC driver work, that's good
>> news. I had been worried it did other things with the OpenSSL struct
>> beyond just using those.
>
> Um, libpq has recently gained the ability to return result fragments,
> right? Those didn't exist when libpq-ification of odbc was attempted,
> as I recall -- perhaps it's possible now.
IIRC the thing that psqlodbc does that libpq doesn't support is sending
multiple queries to the backend, and then wait for *all* the replies to
arrive, in a single round-trip. The closest thing is using PQexec("foo;
bar;"), but that's quite limited.
- Heikki
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2014-08-19 16:25:20 | Re: PQgetssl() and alternative SSL implementations |
Previous Message | Heikki Linnakangas | 2014-08-19 16:14:38 | Re: PQgetssl() and alternative SSL implementations |