Re: [PoC] Federated Authn/z with OAUTHBEARER - Mailing list pgsql-hackers
| From | Wolfgang Walther |
|---|---|
| Subject | Re: [PoC] Federated Authn/z with OAUTHBEARER |
| Date | |
| Msg-id | 487dacec-6d8d-46c0-a36f-d5b8c81a56f1@technowledgy.de Whole thread Raw |
| In response to | Re: [PoC] Federated Authn/z with OAUTHBEARER (Jacob Champion <jacob.champion@enterprisedb.com>) |
| Responses |
Re: [PoC] Federated Authn/z with OAUTHBEARER
Re: [PoC] Federated Authn/z with OAUTHBEARER |
| List | pgsql-hackers |
Jacob Champion: > On Wed, Apr 9, 2025 at 4:42 PM Jelte Fennema-Nio <postgres@jeltef.nl> wrote: >> I think your suggestion of not using any .so files would best there (from w user perspective). I'd be quite surprisedif a static build still resulted in me having to manage shared library files anyway. > Done this way in v5. I had planned to separate the implementations by > a #define, but I ran into issues with Makefile.shlib, so I split the > shared and dynamic versions into separate files. I just now realized > that we do something about this exact problem in src/common, so I'll > see if I can copy its technique for the next go round. I tried to apply this patch to nixpkgs' libpq build [1]. First, I pinned a recent commit from master (one where the v5 patch will apply cleanly later) and enabled --with-libcurl [2]. At this stage, without the patch applied, I observe the following: 1. The default, dynamically linked, build succeeds and libpq.so is linked to libcurl.so as expected! 2. The statically linked build fails during configure: checking for curl_multi_init in -lcurl... no configure: error: library 'curl' does not provide curl_multi_init config.log tells me that it can't link to libcurl, because of undefined references, for example: undefined reference to `psl_is_cookie_domain_acceptable' undefined reference to `nghttp2_session_check_request_allowed' I assume the many libs listed in Libs.private in libcurl.pc are not added automatically for this check? Next, I applied the v5 patch and: 3. Running the same build as in step 1 above (dynamically linked), I can see that libpq.so does have some reference to dlopen / libpq-oauth in it - good. But libpq-oauth.so itself is not built. The commands I am using to build just the libpq package are essentially like this: make submake-libpgport make submake-libpq make -C src/bin/pg_config install make -C src/common install make -C src/include install make -C src/interfaces/libpq install make -C src/port install I tried adding "make submake-libpq-oauth", but that doesn't exist. When I do "make -C src/interfaces/libpq-oauth", I get this error: make: *** No rule to make target 'oauth-curl.o', needed by 'libpq-oauth-18.so'. Stop. Not sure how to proceed to build libpq-oauth.so. 4. The statically linked build fails with the same configure error as above. I can only test autoconf right now, not meson - don't have a working setup for that, yet. Best, Wolfgang [1]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/sql/postgresql/libpq.nix
pgsql-hackers by date: