diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2023-12-11 11:51:56 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2023-12-11 11:51:56 -0500 |
| commit | 271d24f31ddd691327d7e32eea7141b33b9eff58 (patch) | |
| tree | 6a4773e4c338daf721aca97f5f1552385d866306 /src/interfaces/libpq/fe-secure-openssl.c | |
| parent | c922b241064ceadc95c49fac445e4ed24171b3f0 (diff) | |
| download | postgresql-271d24f31ddd691327d7e32eea7141b33b9eff58.tar.gz postgresql-271d24f31ddd691327d7e32eea7141b33b9eff58.zip | |
Be more wary about OpenSSL not setting errno on error.
OpenSSL will sometimes return SSL_ERROR_SYSCALL without having set
errno; this is apparently a reflection of recv(2)'s habit of not
setting errno when reporting EOF. Ensure that we treat such cases
the same as read EOF. Previously, we'd frequently report them like
"could not accept SSL connection: Success" which is confusing, or
worse report them with an unrelated errno left over from some
previous syscall.
To fix, ensure that errno is zeroed immediately before the call,
and report its value only when it's not zero afterwards; otherwise
report EOF.
For consistency, I've applied the same coding pattern in libpq's
pqsecure_raw_read(). Bare recv(2) shouldn't really return -1 without
setting errno, but in case it does we might as well cope.
Per report from Andres Freund. Back-patch to all supported versions.
Discussion: https://postgr.es/m/20231208181451.deqnflwxqoehhxpe@awork3.anarazel.de
Diffstat (limited to 'src/interfaces/libpq/fe-secure-openssl.c')
| -rw-r--r-- | src/interfaces/libpq/fe-secure-openssl.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index 6718dacfba4..2dee9323c69 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -196,7 +196,7 @@ rloop: */ goto rloop; case SSL_ERROR_SYSCALL: - if (n < 0) + if (n < 0 && SOCK_ERRNO != 0) { result_errno = SOCK_ERRNO; if (result_errno == EPIPE || @@ -305,7 +305,13 @@ pgtls_write(PGconn *conn, const void *ptr, size_t len) n = 0; break; case SSL_ERROR_SYSCALL: - if (n < 0) + + /* + * If errno is still zero then assume it's a read EOF situation, + * and report EOF. (This seems possible because SSL_write can + * also do reads.) + */ + if (n < 0 && SOCK_ERRNO != 0) { result_errno = SOCK_ERRNO; if (result_errno == EPIPE || result_errno == ECONNRESET) @@ -1233,10 +1239,12 @@ open_client_SSL(PGconn *conn) { int r; + SOCK_ERRNO_SET(0); ERR_clear_error(); r = SSL_connect(conn->ssl); if (r <= 0) { + int save_errno = SOCK_ERRNO; int err = SSL_get_error(conn->ssl, r); unsigned long ecode; @@ -1253,10 +1261,10 @@ open_client_SSL(PGconn *conn) { char sebuf[PG_STRERROR_R_BUFLEN]; - if (r == -1) + if (r == -1 && save_errno != 0) printfPQExpBuffer(&conn->errorMessage, libpq_gettext("SSL SYSCALL error: %s\n"), - SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf))); + SOCK_STRERROR(save_errno, sebuf, sizeof(sebuf))); else printfPQExpBuffer(&conn->errorMessage, libpq_gettext("SSL SYSCALL error: EOF detected\n")); |