public inbox for [email protected]
help / color / mirror / Atom feedFrom: Christoph Berg <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Daniel Gustafsson <[email protected]>
Cc: Thomas Munro <[email protected]>
Cc: [email protected]
Subject: Re: pgsql: Add support for OAUTHBEARER SASL mechanism
Date: Tue, 1 Apr 2025 15:03:25 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+=SEwJ+7ATgxrkvDFyGb-FQ5FN9eF_RVMic6DAU3bk5zw@mail.gmail.com>
References: <[email protected]>
<[email protected]>
<CAOYmi+=SEwJ+7ATgxrkvDFyGb-FQ5FN9eF_RVMic6DAU3bk5zw@mail.gmail.com>
Re: Jacob Champion
> (That means that Windows builds --with-libcurl are similarly broken, I
> think. Not that Windows packagers will want to use --with-libcurl --
> it doesn't do anything -- but it should build.)
Does --with-libcurl still do anything useful if this feature test
fails? From what you are saying, the answer is "no", and I can see
more "not on this platform" error messages in other callbacks.
This should be documented in doc/src/sgml/installation.sgml.
> We could change how this works a bit for the proposed libpq-oauth.so
> plugin, and only build it if we have a workable implementation. I do
> like having these other platforms compile the Curl code, though, since
> we'd prefer to keep the build clean for a future Windows
> implementation...
I would prefer to get an error from configure if the feature doesn't
do anything on my platform. The current way is confusing. If future
users of libcurl change that, the configure test can still be changed.
With the libpq-oauth split, this makes even more sense because
building a library that always throws an error isn't very useful.
(Don't build that file at all if the feature doesn't work.)
Since oauth/curl have some security implications, would it make more
sense to call the switch --enable-oauth (-Doauth) so users could
control better what features their libpq is going to have? Perhaps
some other feature (pg_service as URL?) is going to need libcurl as
well, but it should be configurable separately.
Christoph
view thread (9+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: pgsql: Add support for OAUTHBEARER SASL mechanism
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox