| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Heikki Linnakangas <heikki(at)enterprisedb(dot)com> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Dave Page <dpage(at)postgresql(dot)org>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: OpenSSL Applink |
| Date: | 2007-10-03 17:58:23 |
| Message-ID: | 27507.1191434303@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Heikki Linnakangas <heikki(at)enterprisedb(dot)com> writes:
> I guess you guys already found a solution that works, but there's yet
> another function, "BIO *BIO_new_mem_buf(void *data, int len)", that we
> could use. We could open and read the file all by ourselves into memory,
> then call BIO_new_mem_buf and pass that to PEM_read_X509. No need to
> pass around file pointers, and we could handle any file I/O errors
> ourselves. Presumably certificates are never very big, so reading it all
> in memory shouldn't be a problem.
> BIO_new_mem_buf was introduced in OpenSSL 0.9.7. What versions do we
> support?
This seems like a good idea. To judge from the release history at
http://www.openssl.org/news/
the OpenSSL boys stopped supporting 0.9.6 in 2004, so I figure we
don't have to support it either. But 0.9.7 is still a live release
branch, so it'd be good if we could play nice with it.
http://www.openssl.org/docs/crypto/BIO_s_mem.html
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2007-10-03 19:16:23 | Re: OpenSSL Applink |
| Previous Message | Tom Lane | 2007-10-03 17:23:09 | Re: initdb of regression test failed. |