On Tue, Dec 1, 2015 at 3:14 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Robert Haas <robertmh...@gmail.com> writes: >> On Tue, Dec 1, 2015 at 2:56 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >>> "David E. Wheeler" <da...@justatheory.com> writes: >>>> I don’t suppose anyone has looked at what it would take to get PostgreSQL >>>> use Secure Transport, right? > >>> This is going to put a bit more urgency into the project Heikki had been >>> working on to allow use of more than one SSL implementation. I can't >>> really see us back-porting that, though, which is going to leave things >>> in a fairly nasty place for all pre-9.6 branches ... > >> I think it'd be great to finish that project, but having to use >> MacPorts to install the headers isn't really a big deal, is it? > > Well, you'd have to use MacPorts' version of the openssl libraries, > too, since there'd be no certainty that their headers match the > Apple-provided libraries (in fact, I'd bet a lot that they don't). > This would be a pain if you wanted to put your compiled PG executables > on some other Mac.
Yeah, I guess it means that people building for MacOS X will probably have to ship OpenSSL as a dependency, which also means that they will need to update it when new versions are released. That is already a pretty obnoxious disease on Windows, and it's unfortunate to see it spreading. It would save us a good deal of staff time here at EnterpriseDB if we didn't have to do new releases of everything on Windows every time there is an OpenSSL update. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
