Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit76a6ddf

Browse files
committed
Attempt to open certificate file "manually" using fopen before
trying BIO functions.Helps problem with older versions of OpenSSL that lacks errorstack functions and would show an incorrect error message forfile-not-found-or-not-openable. The problem may still exist forother errors, but file open error is by far the most common one.
1 parent2890c33 commit76a6ddf

File tree

1 file changed

+19
-2
lines changed

1 file changed

+19
-2
lines changed

‎src/interfaces/libpq/fe-secure.c

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
*
1212
*
1313
* IDENTIFICATION
14-
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.97 2007/10/02 22:01:02 neilc Exp $
14+
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.98 2007/10/03 13:57:52 mha Exp $
1515
*
1616
* NOTES
1717
* [ Most of these notes are wrong/obsolete, but perhaps not all ]
@@ -588,8 +588,8 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
588588

589589
#ifndefWIN32
590590
structstatbuf2;
591-
FILE*fp;
592591
#endif
592+
FILE*fp;
593593
charfnbuf[MAXPGPATH];
594594
BIO*bio;
595595
PGconn*conn= (PGconn*)SSL_get_app_data(ssl);
@@ -607,6 +607,23 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
607607

608608
/* read the user certificate */
609609
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,USER_CERT_FILE);
610+
611+
/*
612+
* OpenSSL <= 0.8.2 lacks error stack handling. Do a separate check
613+
* for the existance of the file without using BIO functions to make
614+
* it pick up the majority of the cases with the old versions.
615+
*/
616+
#ifndefHAVE_ERR_SET_MARK
617+
if ((fp=fopen(fnbuf,"r"))==NULL)
618+
{
619+
printfPQExpBuffer(&conn->errorMessage,
620+
libpq_gettext("could not open certificate file \"%s\": %s\n"),
621+
fnbuf,pqStrerror(errno,sebuf,sizeof(sebuf)));
622+
return0;
623+
}
624+
fclose(fp);
625+
#endif
626+
610627
if ((bio=BIO_new_file(fnbuf,"r"))==NULL)
611628
{
612629
printfPQExpBuffer(&conn->errorMessage,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp