On 11/19/17 20:56, Michael Paquier wrote:
>> If I get it right we ignore gnutls and use openssl (as it's the first
>> checked in #ifdefs). Shouldn't we enforce in configure that only one TLS
>> implementation is enabled? Either by some elaborate check, or by
>> switching to something like
>>
>> --with-ssl=(openssl|gnutls)
> WIth potential patches coming to use macos' SSL implementation or
> Windows channel, there should really be only one implementation
> available at compile time. That's more simple as a first step as well.
> So +1 for the --with-ssl switch.
I'm not sure whether this is a great improvement. Why upset existing
build and packaging scripts? The usual options style is
--with-nameoflib. We can have separate options and error if conflicting
combinations are specified.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services