Re: cryptohash: missing locking functions for OpenSSL <= 1.0.2?
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Jacob Champion <pchampion@vmware.com>
Cc: "pgsql-hackers@lists.postgresql.org" <pgsql-hackers@lists.postgresql.org>
Date: 2021-03-10T08:21:53Z
Lists: pgsql-hackers
Attachments
- cryptohash-libpq-v3.patch (text/x-diff) patch v3
On Mon, Mar 08, 2021 at 06:06:32PM +0000, Jacob Champion wrote: > I had to convince myself that this logic is correct -- we set > destroy_needed even if crypto is not enabled, but then check later to > make sure that crypto_loaded is true before doing anything. What would > you think about moving the conn->crypto_loaded check to the else > branch, so that destroy_needed is only set if we actually need it? Do you mean something like the attached? If I recall my mood from the moment, I think that I did that to be more careful with the case where the client has its own set of callbacks set (pq_init_crypto_lib as false) but that does not matter as this is double-checked in destroy_ssl_system(). I have adjusted some comments after more review. -- Michael
Commits
-
Set libcrypto callbacks for all connection threads in libpq
- 2c0cefcd1816 14.0 landed