Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit5674460

Browse files
committed
Fix error recovery for SSL_read/SSL_write calls.
1 parent76b45c9 commit5674460

File tree

2 files changed

+47
-23
lines changed

2 files changed

+47
-23
lines changed

‎src/backend/libpq/be-secure.c

Lines changed: 24 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
*
1212
*
1313
* IDENTIFICATION
14-
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.28 2003/03/29 05:00:15 momjian Exp $
14+
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.29 2003/04/10 23:03:08 tgl Exp $
1515
*
1616
* Since the server static private key ($DataDir/server.key)
1717
* will normally be stored unencrypted so that the database
@@ -276,21 +276,21 @@ secure_read(Port *port, void *ptr, size_t len)
276276
#ifdefUSE_SSL
277277
if (port->ssl)
278278
{
279+
rloop:
279280
n=SSL_read(port->ssl,ptr,len);
280281
switch (SSL_get_error(port->ssl,n))
281282
{
282283
caseSSL_ERROR_NONE:
283284
port->count+=n;
284285
break;
285286
caseSSL_ERROR_WANT_READ:
286-
n=secure_read(port,ptr,len);
287-
break;
288287
caseSSL_ERROR_WANT_WRITE:
289-
n=secure_write(port,ptr,len);
290-
break;
288+
gotorloop;
291289
caseSSL_ERROR_SYSCALL:
292290
if (n==-1)
293-
elog(COMMERROR,"SSL SYSCALL error: %s",strerror(errno));
291+
elog(COMMERROR,"SSL SYSCALL error: %m");
292+
else
293+
elog(COMMERROR,"SSL SYSCALL error: EOF detected");
294294
break;
295295
caseSSL_ERROR_SSL:
296296
elog(COMMERROR,"SSL error: %s",SSLerrmessage());
@@ -300,6 +300,9 @@ secure_read(Port *port, void *ptr, size_t len)
300300
errno=ECONNRESET;
301301
n=-1;
302302
break;
303+
default:
304+
elog(COMMERROR,"Unknown SSL error code");
305+
break;
303306
}
304307
}
305308
else
@@ -322,33 +325,33 @@ secure_write(Port *port, void *ptr, size_t len)
322325
{
323326
if (port->count>RENEGOTIATION_LIMIT)
324327
{
325-
SSL_set_session_id_context(port->ssl, (void*)&SSL_context,sizeof(SSL_context));
326-
327-
if (SSL_renegotiate(port->ssl) <=0)
328-
elog(COMMERROR,"SSL renegotiation failure");
328+
SSL_set_session_id_context(port->ssl, (void*)&SSL_context,
329+
sizeof(SSL_context));
330+
if (SSL_renegotiate(port->ssl) <=0)
331+
elog(COMMERROR,"SSL renegotiation failure");
329332
if (SSL_do_handshake(port->ssl) <=0)
330-
elog(COMMERROR,"SSL renegotiation failure");
331-
port->ssl->state=SSL_ST_ACCEPT;
333+
elog(COMMERROR,"SSL renegotiation failure");
334+
port->ssl->state=SSL_ST_ACCEPT;
332335
if (SSL_do_handshake(port->ssl) <=0)
333-
elog(COMMERROR,"SSL renegotiation failure");
336+
elog(COMMERROR,"SSL renegotiation failure");
334337
port->count=0;
335338
}
336339

340+
wloop:
337341
n=SSL_write(port->ssl,ptr,len);
338342
switch (SSL_get_error(port->ssl,n))
339343
{
340344
caseSSL_ERROR_NONE:
341345
port->count+=n;
342346
break;
343347
caseSSL_ERROR_WANT_READ:
344-
n=secure_read(port,ptr,len);
345-
break;
346348
caseSSL_ERROR_WANT_WRITE:
347-
n=secure_write(port,ptr,len);
348-
break;
349+
gotowloop;
349350
caseSSL_ERROR_SYSCALL:
350351
if (n==-1)
351-
elog(COMMERROR,"SSL SYSCALL error: %s",strerror(errno));
352+
elog(COMMERROR,"SSL SYSCALL error: %m");
353+
else
354+
elog(COMMERROR,"SSL SYSCALL error: EOF detected");
352355
break;
353356
caseSSL_ERROR_SSL:
354357
elog(COMMERROR,"SSL error: %s",SSLerrmessage());
@@ -358,6 +361,9 @@ secure_write(Port *port, void *ptr, size_t len)
358361
errno=ECONNRESET;
359362
n=-1;
360363
break;
364+
default:
365+
elog(COMMERROR,"Unknown SSL error code");
366+
break;
361367
}
362368
}
363369
else

‎src/interfaces/libpq/fe-secure.c

Lines changed: 23 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
*
1212
*
1313
* IDENTIFICATION
14-
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.21 2003/02/03 22:33:51 tgl Exp $
14+
* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.22 2003/04/10 23:03:08 tgl Exp $
1515
*
1616
* NOTES
1717
* The client *requires* a valid server certificate. Since
@@ -266,19 +266,24 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
266266
#ifdefUSE_SSL
267267
if (conn->ssl)
268268
{
269+
rloop:
269270
n=SSL_read(conn->ssl,ptr,len);
270271
switch (SSL_get_error(conn->ssl,n))
271272
{
272273
caseSSL_ERROR_NONE:
273274
break;
274275
caseSSL_ERROR_WANT_READ:
275-
n=pqsecure_read(conn,ptr,len);
276-
break;
276+
caseSSL_ERROR_WANT_WRITE:
277+
/* XXX to support nonblock I/O, we should return 0 here */
278+
gotorloop;
277279
caseSSL_ERROR_SYSCALL:
278280
if (n==-1)
279281
printfPQExpBuffer(&conn->errorMessage,
280282
libpq_gettext("SSL SYSCALL error: %s\n"),
281283
SOCK_STRERROR(SOCK_ERRNO));
284+
else
285+
printfPQExpBuffer(&conn->errorMessage,
286+
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
282287
break;
283288
caseSSL_ERROR_SSL:
284289
printfPQExpBuffer(&conn->errorMessage,
@@ -289,6 +294,10 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
289294
SOCK_ERRNO=ECONNRESET;
290295
n=-1;
291296
break;
297+
default:
298+
printfPQExpBuffer(&conn->errorMessage,
299+
libpq_gettext("Unknown SSL error code\n"));
300+
break;
292301
}
293302
}
294303
else
@@ -313,19 +322,24 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
313322
#ifdefUSE_SSL
314323
if (conn->ssl)
315324
{
325+
wloop:
316326
n=SSL_write(conn->ssl,ptr,len);
317327
switch (SSL_get_error(conn->ssl,n))
318328
{
319329
caseSSL_ERROR_NONE:
320330
break;
331+
caseSSL_ERROR_WANT_READ:
321332
caseSSL_ERROR_WANT_WRITE:
322-
n=pqsecure_write(conn,ptr,len);
323-
break;
333+
/* XXX to support nonblock I/O, we should return 0 here */
334+
gotowloop;
324335
caseSSL_ERROR_SYSCALL:
325336
if (n==-1)
326337
printfPQExpBuffer(&conn->errorMessage,
327338
libpq_gettext("SSL SYSCALL error: %s\n"),
328339
SOCK_STRERROR(SOCK_ERRNO));
340+
else
341+
printfPQExpBuffer(&conn->errorMessage,
342+
libpq_gettext("SSL SYSCALL error: EOF detected\n"));
329343
break;
330344
caseSSL_ERROR_SSL:
331345
printfPQExpBuffer(&conn->errorMessage,
@@ -336,6 +350,10 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
336350
SOCK_ERRNO=ECONNRESET;
337351
n=-1;
338352
break;
353+
default:
354+
printfPQExpBuffer(&conn->errorMessage,
355+
libpq_gettext("Unknown SSL error code\n"));
356+
break;
339357
}
340358
}
341359
else

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp