Brent Verner <brent@rcfile.org> writes:
> | I also wonder what happens when
> | the client and server disagree on the meaning of a filter name.
> How this is any different than saying "...when the client and
> server disagree on the meaning of a ProtocolVersion.", which is
> how ssl support is currently requested/negotiated?
Nonsense. The ProtocolVersion stuff is documented, fixed, and the same
for every Postgres installation that understands a given version at all.
What you are proposing is an installation-dependent meaning of protocol
(because the meaning of any particular filter name is not standardized).
I cannot see any way that that is a good idea.
> What am I overlooking?
Cost/benefit. You have yet to offer even one reason why destandardizing
the protocol is a win.
I am also pretty concerned about the security risks involved. AFAICS
what you are proposing is that a user who hasn't even authenticated yet,
let alone proven himself to be a superuser, can ask the server to load
in code of uncertain provenance. The downsides of this are potentially
enormous, and the upsides are ... well ... you didn't actually offer any.
> I still don't see what additional problems would be created by
> using this StreamFilter API, so I'm going to march on and perhaps
> the problems/difficulties will become apparent ;-)
The stream-filter part is not a bad idea: that would definitely make it
easier to incorporate new capabilities into the standard protocol.
What I'm complaining about is the dynamic-loading part, and the
installation-dependent behavior. I see no real advantage to either of
those aspects, and lots of risks.
regards, tom lane