Andrew Dunstan <andrew@dunslane.net> writes:
> On 02/17/2011 04:09 PM, Martijn van Oosterhout wrote:
>> This is supported. Where it goes wonky is that this also has to work
>> when the connection is via SSL. So libpq provides a function to return
>> (via a void*) a pointer to the OpenSSL structure so that can be used to
>> communicate with the server.
> Ugh. Maybe not the best design decision we've ever made.
libpq-fe.h is pretty clear on this matter:
/* Get the OpenSSL structure associated with a connection. Returns NULL for* unencrypted connections or if any other
TLSlibrary is in use. */
extern void *PQgetssl(PGconn *conn);
We are under no compulsion to emulate OpenSSL if we switch to another
library. The design intent is that we'd provide a separate function
(PQgetnss?) and callers that know how to use that library would call
that function. If they don't, it's not our problem.
regards, tom lane