Thread: SSL on win32
Hello! Here is a patch to fix win32 ssl builds. Summary of changes: * Links with -leay32 and -lssleay32 instead of crypto and ssl. On win32, "crypto and ssl" is only used for static linking. * Initializes SSL in the backend and not just in the postmaster. We cannot pass the SSL context from the postmaster through the parameter file, because it contains function pointers. * Split one error check in be-secure.c. Previously we could not tell which of three calls actually failed. The previous code also returned incorrect error messages if SSL_accept() failed - that function needs to use SSL_get_error() on the return value, can't just use the error queue. * Since the win32 implementation uses non-blocking sockets "behind the scenes" in order to deliver signals correctly, implements a version of SSL_accept() that can handle this. Also, add a wait function in case SSL_read or SSL_write() needs more data. I'd appreciate it if one of the win32 guys can confirm that this patch fixes the build for them as well. //Magnus
Attachment
> -----Original Message----- > From: Magnus Hagander [mailto:mha@sollentuna.net] > Sent: 30 September 2004 23:00 > To: PostgreSQL-patches > Cc: Dave Page > Subject: SSL on win32 > > Hello! > > Here is a patch to fix win32 ssl builds. Summary of changes: > <snip> > > I'd appreciate it if one of the win32 guys can confirm that > this patch fixes the build for them as well. Yup, looks good to me. Compiles OK and SSL appears to work just fine :-) Regards, Dave.
>> Hello! >> >> Here is a patch to fix win32 ssl builds. Summary of changes: >> ><snip> >> >> I'd appreciate it if one of the win32 guys can confirm that >> this patch fixes the build for them as well. > >Yup, looks good to me. Compiles OK and SSL appears to work >just fine :-) Okay. Then please commit, assuming it's ok in other aspects. Would love to get this in the next beta of the installer :-) //Magnus
Patch applied. Thanks. --------------------------------------------------------------------------- Magnus Hagander wrote: > Hello! > > Here is a patch to fix win32 ssl builds. Summary of changes: > > * Links with -leay32 and -lssleay32 instead of crypto and ssl. On win32, > "crypto and ssl" is only used for static linking. > > * Initializes SSL in the backend and not just in the postmaster. We > cannot pass the SSL context from the postmaster through the parameter > file, because it contains function pointers. > > * Split one error check in be-secure.c. Previously we could not tell > which of three calls actually failed. The previous code also returned > incorrect error messages if SSL_accept() failed - that function needs to > use SSL_get_error() on the return value, can't just use the error queue. > > * Since the win32 implementation uses non-blocking sockets "behind the > scenes" in order to deliver signals correctly, implements a version of > SSL_accept() that can handle this. Also, add a wait function in case > SSL_read or SSL_write() needs more data. > > > I'd appreciate it if one of the win32 guys can confirm that this patch > fixes the build for them as well. > > > //Magnus Content-Description: win32_ssl.patch [ Attachment, skipping... ] > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073