| From: | Jan Urbański <wulczer(at)wulczer(dot)org> |
|---|---|
| To: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: libpq's multi-threaded SSL callback handling is busted |
| Date: | 2015-02-11 17:20:08 |
| Message-ID: | 87a90kmjyc.fsf@wulczer.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Jan Urbański writes:
> I did some more digging on bug
> http://www.postgresql.org/message-id/CAHUL3dpWYFnUgdgo95OHYDQ4kugdnBKPTjq0mNbTuBhCMG4xvQ@mail.gmail.com
> which describes a deadlock when using libpq with SSL in a multi-threaded
> environment with other threads doing SSL independently.
>
> [reproducing instructions]
>
> I posit we should remove all CRYPTO_set_*_callback functions and associated
> cruft from libpq.
>
> I could submit a patch to get rid of the crazy CRYPTO_*_callback dance in
> libpq, but at the very least this will require a warning in the release notes
Attached is a patch doing just that.
> I would very much like to have this change back-patched, since setting and
> resetting the callback makes using libpq in a threaded OpenSSL-enabled app
> arguably less safe than if it didn't use any locking.
Also attached is a patch for 9.4 and all previous supported releases, which is
the same thing, but adjusted for when we didn't have a separate fe-secure.c and
fe-secure-openssl.c
If committed, this change will warrant a notice in the release notes. I could
try drafting it, if that'd be helpful.
Cheers,
Jan
| Attachment | Content-Type | Size |
|---|---|---|
| remove-libpq-crypto-callbacks.patch | text/x-diff | 7.9 KB |
| remove-libpq-crypto-callbacks-9.4.patch | text/x-diff | 8.9 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thom Brown | 2015-02-11 17:55:57 | Standby receiving part of missing WAL segment |
| Previous Message | Stephen Frost | 2015-02-11 17:17:23 | Re: reducing our reliance on MD5 |