From 39a9496d51e64f68cb7792c7014f4a388121ec89 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Mon, 4 Aug 2003 17:25:14 +0000
Subject: [PATCH] Fix some more problems with testing error returns from SSL.
---
src/interfaces/libpq/fe-misc.c | 13 ++++++++++++-
src/interfaces/libpq/fe-secure.c | 14 +++++++++++---
2 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c
index 2e27255fa06..cf668e10ba3 100644
--- a/src/interfaces/libpq/fe-misc.c
+++ b/src/interfaces/libpq/fe-misc.c
@@ -23,7 +23,7 @@
* Portions Copyright (c) 1994, Regents of the University of California
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.100 2003/08/04 02:40:17 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.101 2003/08/04 17:25:14 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -648,7 +648,18 @@ retry3:
* file is ready. Grumble. Fortunately, we don't expect this path to
* be taken much, since in normal practice we should not be trying to
* read data unless the file selected for reading already.
+ *
+ * In SSL mode it's even worse: SSL_read() could say WANT_READ and then
+ * data could arrive before we make the pqReadReady() test. So we must
+ * play dumb and assume there is more data, relying on the SSL layer to
+ * detect true EOF.
*/
+
+#ifdef USE_SSL
+ if (conn->ssl)
+ return 0;
+#endif
+
switch (pqReadReady(conn))
{
case 0:
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c
index 5714680c7cf..b116c523b7f 100644
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@@ -11,7 +11,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.28 2003/08/04 02:40:20 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.29 2003/08/04 17:25:14 tgl Exp $
*
* NOTES
* The client *requires* a valid server certificate. Since
@@ -308,9 +308,13 @@ rloop:
libpq_gettext("SSL SYSCALL error: %s\n"),
SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
else
+ {
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
+ SOCK_ERRNO = ECONNRESET;
+ n = -1;
+ }
break;
}
case SSL_ERROR_SSL:
@@ -318,13 +322,13 @@ rloop:
libpq_gettext("SSL error: %s\n"), SSLerrmessage());
/* fall through */
case SSL_ERROR_ZERO_RETURN:
- pqsecure_close(conn);
SOCK_ERRNO = ECONNRESET;
n = -1;
break;
default:
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("Unknown SSL error code\n"));
+ n = -1;
break;
}
}
@@ -376,8 +380,12 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
libpq_gettext("SSL SYSCALL error: %s\n"),
SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
else
+ {
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
+ SOCK_ERRNO = ECONNRESET;
+ n = -1;
+ }
break;
}
case SSL_ERROR_SSL:
@@ -385,13 +393,13 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
libpq_gettext("SSL error: %s\n"), SSLerrmessage());
/* fall through */
case SSL_ERROR_ZERO_RETURN:
- pqsecure_close(conn);
SOCK_ERRNO = ECONNRESET;
n = -1;
break;
default:
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("Unknown SSL error code\n"));
+ n = -1;
break;
}
}
--
GitLab