Re: libpq's multi-threaded SSL callback handling is busted

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Jan Urbański <wulczer(at)wulczer(dot)org>
Cc: Pg Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: libpq's multi-threaded SSL callback handling is busted
Date: 2015-04-09 18:01:23
Message-ID: 5526BE73.7050603@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 2/12/15 7:28 AM, Jan Urbański wrote:
> +#if OPENSSL_VERSION_NUMBER < 0x10000000
> +/* OpenSSL 1.0.0 deprecates the CRYPTO_set_id_callback function and provides a
> + * default implementation, so there's no need for our own. */

I have some additional concerns about this. It is true that OpenSSL
1.0.0 deprecates CRYPTO_set_id_callback(), but it replaces it with
CRYPTO_THREADID_set_callback(). There is no indication that you don't
need to set a callback anymore. The man page
(https://www.openssl.org/docs/crypto/threads.html) still says you need
to set two callbacks, and points to the new interface.

It is true that there is a fallback implementation for some platforms,
but there is no indication that one is invited to rely on those. Let's
keep in mind that libpq is potentially used on obscure platforms, so I'd
rather stick with the documented approaches.

I suggest you remove this part from your patch and submit a separate
patch for consideration if you want to.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Pavel Stehule 2015-04-09 18:48:35 raw output from copy
Previous Message Sawada Masahiko 2015-04-09 17:52:39 Re: Proposal : REINDEX xxx VERBOSE