| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Dave Page <dpage(at)postgresql(dot)org> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: OpenSSL Applink |
| Date: | 2007-09-28 21:08:46 |
| Message-ID: | 46FD6D5E.7010501@hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Dave Page wrote:
> Magnus Hagander wrote:
>> Dave Page wrote:
>>> Dave Page wrote:
>>>> Dave Page wrote:
>>>>> I did stumble across this text on a mailing list in response to someone
>>>>> with a similar problem in some JNI code. I know little of the OpenSSL
>>>>> API, but perhaps it rings bells with you before I spend my evening
>>>>> trying to figure it out?
>>>> OK, I think I've figured out a fix. Working up a patch now...
>>> Patch attached.
>> (sorry, been offline for the day)
>>
>> Is there any reason not to just do this on *all* platforms, and get rid
>> of all the #ifdefs?
>
> Yes, (see the comment in the code). We stat the private key on *nix to
> ensure it hasn't changed underneath us which can't be done using the BIO
> functions... though I wonder if we can get the FILE pointer from BIO and
> do it that way. Should be as safe on *nix as what we currently do.
Hrrm. Obviously, I need to go sleep now. Sorry about that.
But it'd be nice to get rid of all those #ifdef blocks..
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2007-09-28 21:22:03 | Re: OpenSSL Applink |
| Previous Message | Bruce Momjian | 2007-09-28 21:04:27 | TCL fix in HEAD |