In message <14727.1241816192@sss.pgh.pa.us>, Tom Lane writes:
> It is of course possible to support both at the same time (at > compile-time, if nowhere else). Yes, I
supposewe'd not wish to just drop openssl completely. I wonder how much code duplication would ensue from a
compile-time choice of which library to use ...
My only datapoint for you is curl, which is an application I happen to
have discovered that can use either NSS and OpenSSL.
Lines Words Chars Filename 2508 7890 74682 ssluse.c 1331 3708 36411 nss.c
I imagine that you would more or less have to provide a different
be-secure.c and fe-secure.c file for the two different
libraries--whether as a separate file or via #ifdefs. It looks like
there is a small amount of common code present (why *is*
pg_block_sigpipe() in that file anyway?)
-Seth Robertson in-pgsql-hackers@baka.org