Greg,
* Greg Smith (greg@2ndquadrant.com) wrote:
> Note that the past discussion was on the difficulty of matching the
> existing OpenSSL API using GnuTLS, which is apparently difficult to
> do.
Oh, yes, that's more a reflection on the crappy API that OpenSSL has
than on anything else, in my view...
> I wasn't trying to suggest there were issues specificially with
> GnuTLS's code quality.
Ah, I'm glad to hear that.
> You'd think there'd be a simple "OpenSSL-like" interface available
> for GnuTLS by now or something.
There is, but it was written by Steve Langasek (as I recall...) for when
this was done for OpenLDAP and was licensed under the GPL (and, yes, I
did bitch at him about this... Didn't help. :/).
I'm not sure if that compatability layer would work (in terms of being
acceptable by core) for PG in any case tho.
Thanks,
Stephen