| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Andrew Chernow <ac(at)esilo(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PQinitSSL broken in some use casesf |
| Date: | 2009-02-11 04:17:47 |
| Message-ID: | 200902110417.n1B4HlX29802@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian wrote:
> Andrew Chernow wrote:
> >
> > > On Tue, Feb 10, 2009 at 5:02 PM, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> > >> PQinitSSL(false) initializes crypto? Please point me to exact function
> > >> calls that are the problem? Everything is very vague.
> >
> > File: src/interfaces/libpq/fe-secure.c
> > Func: init_ssl_system
> > Line: 823
> >
> > Starting at around line 853, this function prepares a lock array for
> > CRYPTO_set_locking_callback. This function is not part of libssl, its
> > part of libcrypto. It also calls CRYPTO_set_id_callback. The rest of
> > that function appears to only make libssl calls.
> >
> > There should be an "if (pq_initcryptolib)" around those libcrypto calls,
> > serving the same purpose as the pq_initssllib variable.
>
> Why not just call PQinitSSL(true) and do everything in your
Sorry, meant 'false'. Also, I read Merlin's comments and understand he
doesn't want his application to have to set up SSL.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-02-11 04:18:24 | Re: GIN fast insert |
| Previous Message | Bruce Momjian | 2009-02-11 04:09:25 | Re: PQinitSSL broken in some use casesf |