Re: Bug #838: SSL problems in 7.3

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: Bug #838: SSL problems in 7.3
Дата
Msg-id 200212122244.gBCMiEL09800@candle.pha.pa.us
обсуждение исходный текст
Ответ на Re: Bug #838: SSL problems in 7.3  (Nathan Mueller <nmueller@cs.wisc.edu>)
Список pgsql-bugs
Дерево обсуждения 
Nathan Mueller wrote:
> Ok, I tested this out with TLSv1 and it worked fine. I found that the
> same mistake was being made on the client side of things too so I
> included a patch for that too.

OK, attached is the patch that I applied.  It does strerror() but no
elog(ERROR) on the server side if SSL_get_error() returns
SSL_ERROR_SYSCALL and SSL_read() returns 0 rather than -1.  This logic
matches the SSL_get_error() manual page.

I found a few cases you missed.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
Index: src/backend/libpq/be-secure.c
===================================================================
RCS file: /cvsroot/pgsql-server/src/backend/libpq/be-secure.c,v
retrieving revision 1.16
diff -c -c -r1.16 be-secure.c
*** src/backend/libpq/be-secure.c    7 Nov 2002 18:45:51 -0000    1.16
--- src/backend/libpq/be-secure.c    12 Dec 2002 22:37:32 -0000
***************
*** 288,294 ****
              case SSL_ERROR_WANT_READ:
                  break;
              case SSL_ERROR_SYSCALL:
!                 elog(ERROR, "SSL SYSCALL error: %s", strerror(errno));
                  break;
              case SSL_ERROR_SSL:
                  elog(ERROR, "SSL error: %s", SSLerrmessage());
--- 288,297 ----
              case SSL_ERROR_WANT_READ:
                  break;
              case SSL_ERROR_SYSCALL:
!                 if (n == -1)
!                     elog(ERROR, "SSL SYSCALL error: %s", strerror(errno));
!                 else
!                     strerror(errno));
                  break;
              case SSL_ERROR_SSL:
                  elog(ERROR, "SSL error: %s", SSLerrmessage());
***************
*** 337,343 ****
              case SSL_ERROR_WANT_WRITE:
                  break;
              case SSL_ERROR_SYSCALL:
!                 elog(ERROR, "SSL SYSCALL error: %s", strerror(errno));
                  break;
              case SSL_ERROR_SSL:
                  elog(ERROR, "SSL error: %s", SSLerrmessage());
--- 340,349 ----
              case SSL_ERROR_WANT_WRITE:
                  break;
              case SSL_ERROR_SYSCALL:
!                 if (n == -1)
!                     elog(ERROR, "SSL SYSCALL error: %s", strerror(errno));
!                 else
!                     strerror(errno));
                  break;
              case SSL_ERROR_SSL:
                  elog(ERROR, "SSL error: %s", SSLerrmessage());
Index: src/interfaces/libpq/fe-secure.c
===================================================================
RCS file: /cvsroot/pgsql-server/src/interfaces/libpq/fe-secure.c,v
retrieving revision 1.16
diff -c -c -r1.16 fe-secure.c
*** src/interfaces/libpq/fe-secure.c    7 Nov 2002 18:45:51 -0000    1.16
--- src/interfaces/libpq/fe-secure.c    12 Dec 2002 22:37:34 -0000
***************
*** 270,276 ****
              case SSL_ERROR_WANT_READ:
                  break;
              case SSL_ERROR_SYSCALL:
!                 printfPQExpBuffer(&conn->errorMessage,
                                  libpq_gettext("SSL SYSCALL error: %s\n"),
                                    SOCK_STRERROR(SOCK_ERRNO));
                  break;
--- 270,277 ----
              case SSL_ERROR_WANT_READ:
                  break;
              case SSL_ERROR_SYSCALL:
!                 if (n == -1)
!                     printfPQExpBuffer(&conn->errorMessage,
                                  libpq_gettext("SSL SYSCALL error: %s\n"),
                                    SOCK_STRERROR(SOCK_ERRNO));
                  break;
***************
*** 315,321 ****
              case SSL_ERROR_WANT_WRITE:
                  break;
              case SSL_ERROR_SYSCALL:
!                 printfPQExpBuffer(&conn->errorMessage,
                                  libpq_gettext("SSL SYSCALL error: %s\n"),
                                    SOCK_STRERROR(SOCK_ERRNO));
                  break;
--- 316,323 ----
              case SSL_ERROR_WANT_WRITE:
                  break;
              case SSL_ERROR_SYSCALL:
!                 if (n == -1)
!                     printfPQExpBuffer(&conn->errorMessage,
                                  libpq_gettext("SSL SYSCALL error: %s\n"),
                                    SOCK_STRERROR(SOCK_ERRNO));
                  break;

В списке pgsql-bugs по дате отправления:

Предыдущее
От: pgsql-bugs@postgresql.org
Дата:
Сообщение: Bug #847: plpgsql 'raise notice' > 4000 chars disconnects pgsql backend 7.2.1
Следующее
От: Neil Conway
Дата:
Сообщение: Re: postmaster segfaults when pg_hba.cof is missing