mirror of
https://git.postgresql.org/git/postgresql.git
synced 2025-01-06 15:24:56 +08:00
SSL_read/SSL_write do not approximate the return conventions of recv()
and send() very well at all; and in any case we can't use retval==0 for EOF due to race conditions. Make the same fixes in the backend as are required in libpq.
This commit is contained in:
parent
39a9496d51
commit
e8e1d4553c
@ -11,7 +11,7 @@
|
|||||||
*
|
*
|
||||||
*
|
*
|
||||||
* IDENTIFICATION
|
* IDENTIFICATION
|
||||||
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.39 2003/08/04 02:39:59 momjian Exp $
|
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.40 2003/08/04 17:58:14 tgl Exp $
|
||||||
*
|
*
|
||||||
* Since the server static private key ($DataDir/server.key)
|
* Since the server static private key ($DataDir/server.key)
|
||||||
* will normally be stored unencrypted so that the database
|
* will normally be stored unencrypted so that the database
|
||||||
@ -273,9 +273,13 @@ rloop:
|
|||||||
(errcode_for_socket_access(),
|
(errcode_for_socket_access(),
|
||||||
errmsg("SSL SYSCALL error: %m")));
|
errmsg("SSL SYSCALL error: %m")));
|
||||||
else
|
else
|
||||||
|
{
|
||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
||||||
errmsg("SSL SYSCALL error: EOF detected")));
|
errmsg("SSL SYSCALL error: EOF detected")));
|
||||||
|
errno = ECONNRESET;
|
||||||
|
n = -1;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case SSL_ERROR_SSL:
|
case SSL_ERROR_SSL:
|
||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
@ -283,7 +287,6 @@ rloop:
|
|||||||
errmsg("SSL error: %s", SSLerrmessage())));
|
errmsg("SSL error: %s", SSLerrmessage())));
|
||||||
/* fall through */
|
/* fall through */
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
secure_close(port);
|
|
||||||
errno = ECONNRESET;
|
errno = ECONNRESET;
|
||||||
n = -1;
|
n = -1;
|
||||||
break;
|
break;
|
||||||
@ -291,6 +294,7 @@ rloop:
|
|||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
||||||
errmsg("unrecognized SSL error code")));
|
errmsg("unrecognized SSL error code")));
|
||||||
|
n = -1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -353,9 +357,13 @@ wloop:
|
|||||||
(errcode_for_socket_access(),
|
(errcode_for_socket_access(),
|
||||||
errmsg("SSL SYSCALL error: %m")));
|
errmsg("SSL SYSCALL error: %m")));
|
||||||
else
|
else
|
||||||
|
{
|
||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
||||||
errmsg("SSL SYSCALL error: EOF detected")));
|
errmsg("SSL SYSCALL error: EOF detected")));
|
||||||
|
errno = ECONNRESET;
|
||||||
|
n = -1;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case SSL_ERROR_SSL:
|
case SSL_ERROR_SSL:
|
||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
@ -363,7 +371,6 @@ wloop:
|
|||||||
errmsg("SSL error: %s", SSLerrmessage())));
|
errmsg("SSL error: %s", SSLerrmessage())));
|
||||||
/* fall through */
|
/* fall through */
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
secure_close(port);
|
|
||||||
errno = ECONNRESET;
|
errno = ECONNRESET;
|
||||||
n = -1;
|
n = -1;
|
||||||
break;
|
break;
|
||||||
@ -371,6 +378,7 @@ wloop:
|
|||||||
ereport(COMMERROR,
|
ereport(COMMERROR,
|
||||||
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
(errcode(ERRCODE_PROTOCOL_VIOLATION),
|
||||||
errmsg("unrecognized SSL error code")));
|
errmsg("unrecognized SSL error code")));
|
||||||
|
n = -1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user