Re: BUG #4869: No proper initialization of OpenSSL-Engine in libpq

On 22 jun 2009, at 17.46, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> Lars Kanis <kanis(at)comcard(dot)de> writes:
>> Am Montag, 22. Juni 2009 16:38:32 schrieben Sie:
>>> Tom Lane wrote:
>>>> IIUC this is a pre-existing bug/limitation in an extremely seldom-
>>>> used
>>>> feature that we don't have any very good way to test. So I'm not
>>>> really
>>>> excited about trying to fix it in RC at all. The chances of
>>>> breaking
>>>> something seem much higher than the usefulness of the fix would
>>>> warrant.
>
>>> I think we'll see this feature used a lot more now, since we support
>>> client certificate authentication. I bet that's the reason why
>>> Lars is
>>> using it now, but wasn't using it before. Correct, Lars?
>
>> That's right. Because clientside crypto engines and proper
>> certificate
>> authentication is supported now, I would like to use a strong
>> smartcard-based
>> login in our high security environment.
>
> OK, but I'm still worried about making a change of this sort (ie,
> modifying our interface to code that we don't control) so late in the
> release cycle. It seems like there is large potential for failure in
> contexts other than the one or two you are going to be able to test
> right now. Is there anything that can be done to reduce the risk?

I share your concerns in general. But I think we nee to take into
account that this simply does not work without the patch. So nobody
should rely on the previous behaviour - how would their application
work there... (I guess there is always a risk I get to eat those words
later if someone did, but I don't see the scenario...) in fact, this
is a but in an advertised feature in previous versions, so should
maybe even consider backpatching it base on that....

/Magnus