Re: ssl passphrase callback - Mailing list pgsql-hackers

From Tom Lane
Subject Re: ssl passphrase callback
Date
Msg-id 30151.1575738977@sss.pgh.pa.us
Whole thread Raw
In response to Re: ssl passphrase callback  (Andrew Dunstan <andrew.dunstan@2ndquadrant.com>)
Responses Re: ssl passphrase callback
List pgsql-hackers
Andrew Dunstan <andrew.dunstan@2ndquadrant.com> writes:
> Bruce was worried about what would happen if we defined both
> ssl_passphrase_command and ssl_passphrase_callback. The submitted patch
> let's the callback have precedence, but it might be cleaner to error out
> with such a config. OTOH, that wouldn't be so nice on a reload, so it
> might be better just to document the behaviour.

I think it would be up to the extension that's using the hook to
decide what to do if ssl_passphrase_command is set.  It would not
be our choice, and it would certainly not fall to us to document it.

> He was also worried that multiple shared libraries might try to provide
> the hook. I think that's fairly fanciful, TBH. It comes into the
> category of "Don't do that."

Again, it's somebody else's problem.  We have plenty of hooks that
are of dubious use for multiple extensions, so why should this one be
held to a higher standard?

            regards, tom lane



pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: verbose cost estimate
Next
From: Tom Lane
Date:
Subject: Re: Windows buildfarm members vs. new async-notify isolation test