Andrew Chernow wrote:
>
> > On Tue, Feb 10, 2009 at 5:02 PM, Bruce Momjian <bruce@momjian.us> wrote:
> >> PQinitSSL(false) initializes crypto? Please point me to exact function
> >> calls that are the problem? Everything is very vague.
>
> File: src/interfaces/libpq/fe-secure.c
> Func: init_ssl_system
> Line: 823
>
> Starting at around line 853, this function prepares a lock array for
> CRYPTO_set_locking_callback. This function is not part of libssl, its
> part of libcrypto. It also calls CRYPTO_set_id_callback. The rest of
> that function appears to only make libssl calls.
>
> There should be an "if (pq_initcryptolib)" around those libcrypto calls,
> serving the same purpose as the pq_initssllib variable.
Why not just call PQinitSSL(true) and do everything in your
application?; from the libpq manual:
If you are using <acronym>SSL</> inside your application (in addition to inside <application>libpq</application>),
youcan use <function>PQinitSSL(int)</> to tell <application>libpq</application> that the <acronym>SSL</> library has
alreadybeen initialized by your application.
Actually, that wording doesn't say what the parameter means so I updated
the documentation:
If you are using <acronym>SSL</> inside your application (in addition
! to inside <application>libpq</application>), you can call
! <function>PQinitSSL(int)</> with <literal>0</> to tell
! <application>libpq</application> that the <acronym>SSL</> library
! has already been initialized by your application.
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
