Re: Incorrect comment in be-secure-openssl.c - Mailing list pgsql-hackers

From Michael Paquier
Subject Re: Incorrect comment in be-secure-openssl.c
Date
Msg-id 20200601060615.GA351178@paquier.xyz
Whole thread Raw
In response to Re: Incorrect comment in be-secure-openssl.c  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Incorrect comment in be-secure-openssl.c
List pgsql-hackers
On Sun, May 31, 2020 at 05:47:01PM -0400, Robert Haas wrote:
> On Sun, May 31, 2020 at 2:54 AM Michael Paquier <michael@paquier.xyz> wrote:
> I don't understand why that change is an improvement.

Oops.  I have managed to copy-paste an incorrect diff.  The existing
comment is that:
 * To prevent problems if the DH parameters files don't even
 * exist, we can load DH parameters hardcoded into this file.

Daniel's suggestion is that:
 * To prevent problems if the DH parameters files don't even
 * exist, we can load hardcoded DH parameters supplied with the backend.

And my own suggestion became that:
 * If DH parameters cannot be loaded from a specified file, we can load
 * the hardcoded DH parameters supplied with the backend to prevent
 * problems.

The problem I have with first and second flavors is that "DH
parameters files" does not sound right.  First, the grammar sounds
incorrect to me as in this case "parameters" should not be plural.
Second, it is only possible to load one file with ssl_dh_params_file,
and we only attempt to load this single file within initialize_dh().

Of course it would be possible to just switch to "DH parameter file"
in the first part of the sentence, but I have just finished by
rewriting the whole thing, as the third flavor.
--
Michael

Attachment

pgsql-hackers by date:

Previous
From: Amit Khandekar
Date:
Subject: Re: Inlining of couple of functions in pl_exec.c improves performance
Next
From: Masahiko Sawada
Date:
Subject: Re: Internal key management system