Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1u2Bb1-00EM8F-AY for pgsql-hackers@arkaria.postgresql.org; Tue, 08 Apr 2025 16:14:43 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1u2Baz-00B68X-Oi for pgsql-hackers@arkaria.postgresql.org; Tue, 08 Apr 2025 16:14:42 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1u2Baz-00B67m-FA for pgsql-hackers@lists.postgresql.org; Tue, 08 Apr 2025 16:14:41 +0000 Received: from momjian.us ([72.94.173.45]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1u2Bax-004ABq-1g for pgsql-hackers@postgresql.org; Tue, 08 Apr 2025 16:14:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=momjian.us; s=2025010100; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description; bh=GueP33cz5DorxDmrTn3ZU2BTbK4fvxqYdvA6r42ddvE=; b=BwVVD zXwu1WZiHsgeu/4CZP4kP6n33pXbikgsYblO3WKNbhR8IJsXi71RQZ3UnRoX4endyz++LFBXYorTl qhvlDJN2AnH34NsqTDgo41zu2B+CpBfcVCHcdL5+0LUVi/ys5cQ34r1SDpYKwJhDMHLcqgf+5klD+ OOuT6evGUzQ0ofHbIAf26jxsv0govGlVijVC9HKI2Z5nWk+/y24/MOOxu/D/t5BAIVdB0ATDJHpvH Ar+plGqmcdsGNnOFNB0aHiidJpHgqj7zlhMuofv6rzVa98zkg4d5Dl5lpEjnQB4xjN+nDSd1oqI5J 7XcbV5lyHPyHQbixHTXAH/OTUpYlA==; Received: from bruce by momjian.us with local (Exim 4.96) (envelope-from ) id 1u2Baq-003vUg-25; Tue, 08 Apr 2025 12:14:32 -0400 Date: Tue, 8 Apr 2025 12:14:32 -0400 From: Bruce Momjian To: Wolfgang Walther Cc: Jacob Champion , Daniel Gustafsson , Christoph Berg , Andres Freund , Peter Eisentraut , Tom Lane , PostgreSQL Hackers , Thomas Munro , Nazir Bilal Yavuz , Antonin Houska Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER Message-ID: References: <96b5b38b-2fac-409f-b922-f7fd653bf847@technowledgy.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <96b5b38b-2fac-409f-b922-f7fd653bf847@technowledgy.de> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Tue, Apr 8, 2025 at 06:01:42PM +0200, Wolfgang Walther wrote: > Jacob Champion: > > The above is discussing a patch to split this into its own loadable > > module. > > Wasn't sure where to put this exactly, the thread is long and I couldn't > find any discussion around it: > > How does the proposal with a loadable module affect a static libpq.a? > > I have not tried, yet, but is my assumption correct, that I could build a > libpq.a with oauth/curl support on current HEAD? > > If yes, would that still be an option after the split? How does this patch help us avoid having to handle curl CVEs and its curl's additional dependencies? As I understand the patch, it makes libpq _not_ have additional dependencies but moves the dependencies to a special loadable library that libpq can use. -- Bruce Momjian https://momjian.us EDB https://enterprisedb.com Do not let urgent matters crowd out time for investment in the future.