Skip site navigation (1) Skip section navigation (2)

Re: PQinitSSL broken in some use casesf

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Andrew Chernow <ac(at)esilo(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: PQinitSSL broken in some use casesf
Date: 2009-01-30 21:52:38
Message-ID: 200901302152.n0ULqc205768@momjian.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Andrew Chernow wrote:
> I am using a library that links with and initializes libcrypto (ie. 
> CRYPTO_set_locking_callback) but not SSL.  This causes problems even 
> when using PQinitSSL(FALSE) because things like SSL_library_init(); are 
> not called (unless I manually call them, copy and paste code from 
> fe-secure.c which may change).  If libpq does init ssl, it overwrites 
> (and breaks) the other library's crypto.
> 
> Shouldn't crypto and ssl init be treated as two different things?  If 
> not, how does one determine a version portable way of initializing SSL 
> in a manner required by libpq?  Lots of apps using encryption but don't 
> necessarily use ssl, so they need to know how to init ssl for libpq.

I didn't realize they were could be initialized separately, so we really
don't have an answer for you.  This is the first time I have heard of
this requirement.

-- 
  Bruce Momjian  <bruce(at)momjian(dot)us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

In response to

Responses

pgsql-hackers by date

Next:From: Josh BerkusDate: 2009-01-30 22:02:35
Subject: Re: How to get SE-PostgreSQL acceptable
Previous:From: Merlin MoncureDate: 2009-01-30 21:50:14
Subject: Re: using composite types in insert/update

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group