public inbox for [email protected]  
help / color / mirror / Atom feed
[PATCH 08/10] Default to zstd..
4+ messages / 4 participants
[nested] [flat]

* [PATCH 08/10] Default to zstd..
@ 2021-03-12 21:35  Justin Pryzby <[email protected]>
  0 siblings, 0 replies; 4+ messages in thread

From: Justin Pryzby @ 2021-03-12 21:35 UTC (permalink / raw)

for CI, not for merge
---
 configure                         | 6 ++++--
 configure.ac                      | 2 +-
 src/backend/access/transam/xlog.c | 2 +-
 src/backend/utils/misc/guc.c      | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/configure b/configure
index 81e23418b2..253f028fc4 100755
--- a/configure
+++ b/configure
@@ -1582,7 +1582,7 @@ Optional Packages:
                           use system time zone data in DIR
   --without-zlib          do not use Zlib
   --without-lz4           build without LZ4 support
-  --with-zstd             build with Zstd compression library
+  --without-zstd          build without Zstd compression library
   --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
   --with-ssl=LIB          use LIB for SSL/TLS support (openssl)
   --with-openssl          obsolete spelling of --with-ssl=openssl
@@ -8740,7 +8740,9 @@ $as_echo "#define USE_ZSTD 1" >>confdefs.h
   esac
 
 else
-  with_zstd=no
+  with_zstd=yes
+
+$as_echo "#define USE_ZSTD 1" >>confdefs.h
 
 fi
 
diff --git a/configure.ac b/configure.ac
index d6f6349067..8d72710fa7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1005,7 +1005,7 @@ fi
 # ZSTD
 #
 AC_MSG_CHECKING([whether to build with zstd support])
-PGAC_ARG_BOOL(with, zstd, no, [build with Zstd compression library],
+PGAC_ARG_BOOL(with, zstd, yes, [build without Zstd compression library],
               [AC_DEFINE([USE_ZSTD], 1, [Define to 1 to build with zstd support. (--with-zstd)])])
 AC_MSG_RESULT([$with_zstd])
 AC_SUBST(with_zstd)
diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c
index 307eee6626..92023de9f5 100644
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@@ -99,7 +99,7 @@ bool		EnableHotStandby = false;
 bool		fullPageWrites = true;
 bool		wal_log_hints = false;
 bool		wal_compression = false;
-int			wal_compression_method = WAL_COMPRESSION_LZ4;
+int			wal_compression_method = WAL_COMPRESSION_ZSTD;
 char	   *wal_consistency_checking_string = NULL;
 bool	   *wal_consistency_checking = NULL;
 bool		wal_init_zero = true;
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 52f9cd0242..8031e027aa 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -4728,7 +4728,7 @@ static struct config_enum ConfigureNamesEnum[] =
 			NULL
 		},
 		&wal_compression_method,
-		WAL_COMPRESSION_LZ4, wal_compression_options,
+		WAL_COMPRESSION_ZSTD, wal_compression_options,
 		NULL, NULL, NULL
 	},
 
-- 
2.17.0


--jozmn01XJZjDjM3N
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment;
 filename="0009-Add-zstd-compression-levels.patch"



^ permalink  raw  reply  [nested|flat] 4+ messages in thread

* Follow-up on OpenSSL "engines" and "providers"
@ 2026-01-29 17:15  Bear Giles <[email protected]>
  0 siblings, 1 reply; 4+ messages in thread

From: Bear Giles @ 2026-01-29 17:15 UTC (permalink / raw)
  To: pgsql-hackers

--000000000000f3d50906498a0174
Content-Type: text/plain; charset="UTF-8"

I've been doing a lot of thought about how my prior and current work could
be useful, not just intellectual exercises that might be useful to some
people, and keep coming back to the idea that my focus should probably be
other server-side extensions and not the SQL user. They won't be excluded -
far from it - but the emphasis should be providing an open source solution
that can handle much of the encryption and authentication required by other
extensions.

Most importantly - giving them a way to avoid knowing their private keys.
They can't expose what they don't have.



^ permalink  raw  reply  [nested|flat] 4+ messages in thread

* Re: Follow-up on OpenSSL "engines" and "providers"
@ 2026-02-13 11:42  Daniel Gustafsson <[email protected]>
  parent: Bear Giles <[email protected]>
  0 siblings, 1 reply; 4+ messages in thread

From: Daniel Gustafsson @ 2026-02-13 11:42 UTC (permalink / raw)
  To: Bear Giles <[email protected]>; +Cc: pgsql-hackers

> On 29 Jan 2026, at 18:15, Bear Giles <[email protected]> wrote:

> Most importantly - giving them a way to avoid knowing their private keys. They can't expose what they don't have.

FWIW there has been discussion among those of us who regularly dip our toes in
the OpenSSL support code to add some form of integration with vaults (like
vault from Hashicorp, ipa/idm from Redhat, Keychain from Apple etc) for storing
secrets.  AFAIK there are no concrete patches to look at (yet?), but there is
interest and it will most likely be discussed at PGConf.dev in case you are
thinking of attending.

--
Daniel Gustafsson







^ permalink  raw  reply  [nested|flat] 4+ messages in thread

* Re: Follow-up on OpenSSL "engines" and "providers"
@ 2026-02-16 11:12  =?UTF-8?Q?Anders_=C3=85strand?= <[email protected]>
  parent: Daniel Gustafsson <[email protected]>
  0 siblings, 0 replies; 4+ messages in thread

From: =?UTF-8?Q?Anders_=C3=85strand?= @ 2026-02-16 11:12 UTC (permalink / raw)
  To: Daniel Gustafsson <[email protected]>; Bear Giles <[email protected]>; +Cc: pgsql-hackers

> FWIW there has been discussion among those of us who regularly dip our toes in
> the OpenSSL support code to add some form of integration with vaults (like
> vault from Hashicorp, ipa/idm from Redhat, Keychain from Apple etc) for storing
> secrets.  AFAIK there are no concrete patches to look at (yet?), but there is
> interest and it will most likely be discussed at PGConf.dev in case you are
> thinking of attending.

I've been toying with the idea of building a key manager extension that could be used by others to get hold of secrets or use encryption keys without necessarily having to know where those secrets would be stored. It could use loadable shared libraries for the different providers similar to how we do it for OAuth.

I don't believe this code would have to start out in core at all, but maybe we will want to integrate it later for reasons.

-- 

Anders Åstrand
Percona







^ permalink  raw  reply  [nested|flat] 4+ messages in thread


end of thread, other threads:[~2026-02-16 11:12 UTC | newest]

Thread overview: 4+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2021-03-12 21:35 [PATCH 08/10] Default to zstd.. Justin Pryzby <[email protected]>
2026-01-29 17:15 Follow-up on OpenSSL "engines" and "providers" Bear Giles <[email protected]>
2026-02-13 11:42 ` Re: Follow-up on OpenSSL "engines" and "providers" Daniel Gustafsson <[email protected]>
2026-02-16 11:12   ` Re: Follow-up on OpenSSL "engines" and "providers" =?UTF-8?Q?Anders_=C3=85strand?= <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox