Comparing the existing {be,fe}-secure-openssl.c with the proposed
{be,fe}-secure-gnutls.c, and with half an eye on the previously proposed
Apple Secure Transport implementation, I have identified a few more
areas of refactoring that should be done in order to avoid excessive
copy-and-pasting in the new implementations:
0001-Add-installcheck-support-to-more-test-suites.patch
This will help with interoperability testing, because you can then
create an installation with mixed SSL implementations and run the test
suite against it.
0002-Split-out-documentation-of-SSL-parameters-into-their.patch
Prepares and cleans up the documentation a bit before the addition of
new things, as discussed elsewhere.
0003-Move-EDH-support-to-common-files.patch
To avoid copy-and-paste, and also because the EDH explanation doesn't
really belong in a file header comment. Maybe the whole thing is known
well enough nowadays that we can just remove the explanation.
0004-Move-SSL-API-comments-to-header-files.patch
0005-Extract-common-bits-from-OpenSSL-implementation.patch
Move copy-and-paste avoidance.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services