On Tue, Sep 13, 2016 at 1:51 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote:
> I planned to commit this today, but while reading through it and testing, I
> ended up doing a bunch more changes, so this deserves another round of
> review.

OK, I am giving it a try. Note to people using OSX: at least for brew
there is the formula openssl@1.1 that you can use with the following
Postgres is not the only broken thing, so they kept the formula
openssl to 1.0.2.

> Changes since last version:
> * Added more error checks to the my_BIO_s_socket() function. Check for NULL
> result from malloc(). Check the return code of BIO_meth_set_*() functions;
> looking at OpenSSL sources, they always succeed, but all the test/example
> programs that come with OpenSSL do check them.
> * Use BIO_get_new_index() to get the index number for the wrapper BIO.
> * Also call BIO_meth_set_puts(). It was missing in previous patch versions.
> * Fixed src/test/ssl test suite to also work with OpenSSL 1.1.0.
> * Changed all references (in existing code) to SSLEAY_VERSION_NUMBER into
> OPENSSL_VERSION_NUMBER, for consistency.
> * Squashed all into one patch.
> I intend to apply this to all supported branches, so please have a look!
> This is now against REL9_6_STABLE, but there should be little difference
> between branches in the code that this touches.

I just took a look at this patch, testing it on the way with 1.1.0 and
1.0.2. And it looks in pretty good shape.

+   ResourceOwner owner;
+   struct OSSLDigest *next;
+   struct OSSLDigest *prev;
This could be done as well with a list of pg_list, the cost being a
couple of extra calls to switch memory contexts, but it would simplify
free_openssldigest when cleaning up an entry. I guessed you already
thought about that but discarded it?

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to