From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | Jan Urbański <wulczer(at)wulczer(dot)org> |
Cc: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: libpq's multi-threaded SSL callback handling is busted |
Date: | 2015-04-09 18:01:23 |
Message-ID: | 5526BE73.7050603@gmx.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2/12/15 7:28 AM, Jan Urbański wrote:
> +#if OPENSSL_VERSION_NUMBER < 0x10000000
> +/* OpenSSL 1.0.0 deprecates the CRYPTO_set_id_callback function and provides a
> + * default implementation, so there's no need for our own. */
I have some additional concerns about this. It is true that OpenSSL
1.0.0 deprecates CRYPTO_set_id_callback(), but it replaces it with
CRYPTO_THREADID_set_callback(). There is no indication that you don't
need to set a callback anymore. The man page
(https://www.openssl.org/docs/crypto/threads.html) still says you need
to set two callbacks, and points to the new interface.
It is true that there is a fallback implementation for some platforms,
but there is no indication that one is invited to rely on those. Let's
keep in mind that libpq is potentially used on obscure platforms, so I'd
rather stick with the documented approaches.
I suggest you remove this part from your patch and submit a separate
patch for consideration if you want to.
From | Date | Subject | |
---|---|---|---|
Next Message | Pavel Stehule | 2015-04-09 18:48:35 | raw output from copy |
Previous Message | Sawada Masahiko | 2015-04-09 17:52:39 | Re: Proposal : REINDEX xxx VERBOSE |