> > a better fix is to explicitly create a new abstraction layer.
>
> Well, this is supposed to be an abstraction already. ;-)
The new abstraction layer would localize SSL vs. plain sockets, and
possibly SASL as well.
The SSL issues I've identified to date are:
critical
- no check for SSL_g
Bear Giles writes:
> I came across another bug in the SSL code. backend/libpq/pqcomm.c:pq_eof()
> calls recv() to read a single byte of data to check for EOF. The
> character is then stuffed into the read buffer.
> The quick fix is to add another USE_SSL block,
So it seems. Do you volunteer
I came across another bug in the SSL code. backend/libpq/pqcomm.c:pq_eof()
calls recv() to read a single byte of data to check for EOF. The
character is then stuffed into the read buffer.
This will not work with SSL. Besides the data being encrypted, you
could end up reading a byte from an SSL
