diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 59254218c9..4e4a2cd4ac 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.98 2007/10/03 13:57:52 mha Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.99 2007/10/03 15:12:45 tgl Exp $ * * NOTES * [ Most of these notes are wrong/obsolete, but perhaps not all ] @@ -588,8 +588,8 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) #ifndef WIN32 struct stat buf2; -#endif FILE *fp; +#endif char fnbuf[MAXPGPATH]; BIO *bio; PGconn *conn = (PGconn *) SSL_get_app_data(ssl); @@ -602,27 +602,32 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) return 0; } - /* save OpenSSL error stack */ - ERR_set_mark(); - /* read the user certificate */ snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USER_CERT_FILE); /* - * OpenSSL <= 0.8.2 lacks error stack handling. Do a separate check - * for the existance of the file without using BIO functions to make - * it pick up the majority of the cases with the old versions. + * OpenSSL <= 0.9.8 lacks error stack handling, which means it's likely + * to report wrong error messages if access to the cert file fails. + * Do our own check for the readability of the file to catch the + * majority of such problems before OpenSSL gets involved. */ #ifndef HAVE_ERR_SET_MARK - if ((fp = fopen(fnbuf, "r")) == NULL) { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not open certificate file \"%s\": %s\n"), - fnbuf, pqStrerror(errno, sebuf, sizeof(sebuf))); - return 0; + FILE *fp2; + + if ((fp2 = fopen(fnbuf, "r")) == NULL) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not open certificate file \"%s\": %s\n"), + fnbuf, pqStrerror(errno, sebuf, sizeof(sebuf))); + return 0; + } + fclose(fp2); } - fclose(fp); #endif + + /* save OpenSSL error stack */ + ERR_set_mark(); if ((bio = BIO_new_file(fnbuf, "r")) == NULL) {