On 11/19/17 20:56, Michael Paquier wrote: >> If I get it right we ignore gnutls and use openssl (as it's the first >> checked in #ifdefs). Shouldn't we enforce in configure that only one TLS >> implementation is enabled? Either by some elaborate check, or by >> switching to something like >> >> --with-ssl=(openssl|gnutls) > WIth potential patches coming to use macos' SSL implementation or > Windows channel, there should really be only one implementation > available at compile time. That's more simple as a first step as well. > So +1 for the --with-ssl switch.
I'm not sure whether this is a great improvement. Why upset existing build and packaging scripts? The usual options style is --with-nameoflib. We can have separate options and error if conflicting combinations are specified. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services