From: Tom Lane Date: Mon, 4 Aug 2003 17:25:14 +0000 (+0000) Subject: Fix some more problems with testing error returns from SSL. X-Git-Tag: REL7_4_BETA1~14 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=39a9496d51e64f68cb7792c7014f4a388121ec89;p=postgresql Fix some more problems with testing error returns from SSL. --- diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c index 2e27255fa0..cf668e10ba 100644 --- a/src/interfaces/libpq/fe-misc.c +++ b/src/interfaces/libpq/fe-misc.c @@ -23,7 +23,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.100 2003/08/04 02:40:17 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.101 2003/08/04 17:25:14 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -648,7 +648,18 @@ retry3: * file is ready. Grumble. Fortunately, we don't expect this path to * be taken much, since in normal practice we should not be trying to * read data unless the file selected for reading already. + * + * In SSL mode it's even worse: SSL_read() could say WANT_READ and then + * data could arrive before we make the pqReadReady() test. So we must + * play dumb and assume there is more data, relying on the SSL layer to + * detect true EOF. */ + +#ifdef USE_SSL + if (conn->ssl) + return 0; +#endif + switch (pqReadReady(conn)) { case 0: diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 5714680c7c..b116c523b7 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.28 2003/08/04 02:40:20 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.29 2003/08/04 17:25:14 tgl Exp $ * * NOTES * The client *requires* a valid server certificate. Since @@ -308,9 +308,13 @@ rloop: libpq_gettext("SSL SYSCALL error: %s\n"), SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf))); else + { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("SSL SYSCALL error: EOF detected\n")); + SOCK_ERRNO = ECONNRESET; + n = -1; + } break; } case SSL_ERROR_SSL: @@ -318,13 +322,13 @@ rloop: libpq_gettext("SSL error: %s\n"), SSLerrmessage()); /* fall through */ case SSL_ERROR_ZERO_RETURN: - pqsecure_close(conn); SOCK_ERRNO = ECONNRESET; n = -1; break; default: printfPQExpBuffer(&conn->errorMessage, libpq_gettext("Unknown SSL error code\n")); + n = -1; break; } } @@ -376,8 +380,12 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len) libpq_gettext("SSL SYSCALL error: %s\n"), SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf))); else + { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("SSL SYSCALL error: EOF detected\n")); + SOCK_ERRNO = ECONNRESET; + n = -1; + } break; } case SSL_ERROR_SSL: @@ -385,13 +393,13 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len) libpq_gettext("SSL error: %s\n"), SSLerrmessage()); /* fall through */ case SSL_ERROR_ZERO_RETURN: - pqsecure_close(conn); SOCK_ERRNO = ECONNRESET; n = -1; break; default: printfPQExpBuffer(&conn->errorMessage, libpq_gettext("Unknown SSL error code\n")); + n = -1; break; } }