| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Dave Page <dpage(at)postgresql(dot)org> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: OpenSSL Applink |
| Date: | 2007-09-28 15:20:57 |
| Message-ID: | 46FD1BD9.4070202@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Dave Page wrote:
> Andrew Dunstan wrote:
>>
>>
>> Dave Page wrote:
>>>
>>> I believe we just didn't notice it until now because the older Mingw
>>> builds use the MSVC 6.0 runtimes which just happened to be
>>> compatible with the OpenSSL binary builds (we're now using 8.0), in
>>> addition to which there are relatively few people using client-side
>>> certs I'd wager.
>>>
>>>
>>
>> So SSL works without this wart if you don't have a client cert?
>
> Yep.
>
>
Then I think I'd rather disable use of client certs for the offending
openssl versions in libpq, or let the apps die and refer the customers
to the openssl people to lobby them for a sane solution.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2007-09-28 15:24:55 | Re: OpenSSL Applink |
| Previous Message | Dave Page | 2007-09-28 15:15:26 | Re: OpenSSL Applink |