|From:||Jan Urbański <wulczer(at)wulczer(dot)org>|
|To:||Pg Hackers <pgsql-hackers(at)postgresql(dot)org>|
|Subject:||Re: libpq's multi-threaded SSL callback handling is busted|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
Jan Urbański writes:
> I did some more digging on bug
> which describes a deadlock when using libpq with SSL in a multi-threaded
> environment with other threads doing SSL independently.
> [reproducing instructions]
> I posit we should remove all CRYPTO_set_*_callback functions and associated
> cruft from libpq.
> I could submit a patch to get rid of the crazy CRYPTO_*_callback dance in
> libpq, but at the very least this will require a warning in the release notes
Attached is a patch doing just that.
> I would very much like to have this change back-patched, since setting and
> resetting the callback makes using libpq in a threaded OpenSSL-enabled app
> arguably less safe than if it didn't use any locking.
Also attached is a patch for 9.4 and all previous supported releases, which is
the same thing, but adjusted for when we didn't have a separate fe-secure.c and
If committed, this change will warrant a notice in the release notes. I could
try drafting it, if that'd be helpful.
|Next Message||Thom Brown||2015-02-11 17:55:57||Standby receiving part of missing WAL segment|
|Previous Message||Stephen Frost||2015-02-11 17:17:23||Re: reducing our reliance on MD5|