mirror of
https://github.com/postgres/postgres.git
synced 2026-02-22 01:11:05 -05:00
55754380f3
I've been working with Nick Phillips on an issue he ran into when trying to use threads with SSL client certificates. As it turns out, the call in initialize_SSL() to SSL_CTX_use_certificate_chain_file() will modify our SSL_context without any protection from other threads also calling that function or being at some other point and trying to read from SSL_context. To protect against this, I've written up the attached (based on an initial patch from Nick and much subsequent discussion) which puts locks around SSL_CTX_use_certificate_chain_file() and all of the other users of SSL_context which weren't already protected. Nick Phillips, much reworked by Stephen Frost Back-patch to 9.0 where we started loading the cert directly instead of using a callback. |
||
|---|---|---|
| .. | ||
| po | ||
| test | ||
| .gitignore | ||
| bcc32.mak | ||
| exports.txt | ||
| fe-auth.c | ||
| fe-auth.h | ||
| fe-connect.c | ||
| fe-exec.c | ||
| fe-lobj.c | ||
| fe-misc.c | ||
| fe-print.c | ||
| fe-protocol2.c | ||
| fe-protocol3.c | ||
| fe-secure.c | ||
| libpq-events.c | ||
| libpq-events.h | ||
| libpq-fe.h | ||
| libpq-int.h | ||
| libpq.rc.in | ||
| Makefile | ||
| nls.mk | ||
| pg_service.conf.sample | ||
| pqexpbuffer.c | ||
| pqexpbuffer.h | ||
| pthread-win32.c | ||
| README | ||
| win32.c | ||
| win32.h | ||
| win32.mak | ||
src/interfaces/libpq/README This directory contains the C version of Libpq, the POSTGRES frontend library.