Skip site navigation (1) Skip section navigation (2)

Re: OpenSSL Applink

From: Dave Page <dpage(at)postgresql(dot)org>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-patches(at)postgresql(dot)org
Subject: Re: OpenSSL Applink
Date: 2007-09-28 16:26:35
Message-ID: 46FD2B3B.3000605@postgresql.org (view raw or flat)
Thread:
Lists: pgsql-patches
Tom Lane wrote:
> Dave Page <dpage(at)postgresql(dot)org> writes:
>> Andrew Dunstan wrote:
>>> Then I think I'd rather disable use of client certs for the offending 
>>> openssl versions in libpq, or let the apps die and refer the customers 
>>> to the openssl people to lobby them for a sane solution.
> 
>> If this were 8.0 I'd agree, but thats not a nice solution for those 
>> already using client certs (such as the pgAdmin user who brought this to 
>> my attention).
> 
> Doesn't really matter.  Even if we were willing to hack our own client
> apps like that (which I'm not), we can *not* transfer such a requirement
> onto every libpq-using application.  It's just not acceptable.

*We're* not transfering any requirement. I've fixed pgAdmin for example 
without any need to touch any Postgres code. If you don't want to 
include the fix (which I can quite understand) it'll just mean that the 
PG utilities won't work with client certs.

/D

In response to

Responses

pgsql-patches by date

Next:From: Marko KreenDate: 2007-09-28 16:26:46
Subject: Re: OpenSSL Applink
Previous:From: Tom LaneDate: 2007-09-28 16:13:32
Subject: Re: OpenSSL Applink

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group