Set errno to zero before invoking SSL_read or SSL_write. It appears that

at least in some Windows versions, these functions are capable of returning a failure indication without setting errno. That puts us into an infinite loop if the previous value happened to be EINTR. Per report from Brendan Hill. Back-patch to 8.2. We could take it further back, but since this is only known to be an issue on Windows and we don't support Windows before 8.2, it does not seem worth the trouble.

Set errno to zero before invoking SSL_read or SSL_write. It appears that
at least in some Windows versions, these functions are capable of returning a failure indication without setting errno. That puts us into an infinite loop if the previous value happened to be EINTR. Per report from Brendan Hill. Back-patch to 8.2. We could take it further back, but since this is only known to be an issue on Windows and we don't support Windows before 8.2, it does not seem worth the trouble.
4847d595 · Tom Lane · 3d4b0ab2 · 4847d595 · 4847d595
Commit 4847d595 authored Dec 30, 2009 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

src/backend/libpq/be-secure.c src/backend/libpq/be-secure.c +3 -1

src/interfaces/libpq/fe-secure.c src/interfaces/libpq/fe-secure.c +3 -1

No files found.
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.93 2009/12/09 06:37:06 mha Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.94 2009/12/30 03:45:46 tgl Exp $
 *
 *	  Since the server static private key ($DataDir/server.key)
 *	  will normally be stored unencrypted so that the database
@@ -245,6 +245,7 @@ secure_read(Port *port, void *ptr, size_t len)
 		int			err;

 rloop:
+		errno = 0;
 		n = SSL_read(port->ssl, ptr, len);
 		err = SSL_get_error(port->ssl, n);
 		switch (err)
@@ -339,6 +340,7 @@ secure_write(Port *port, void *ptr, size_t len)
 		}

 wloop:
+		errno = 0;
 		n = SSL_write(port->ssl, ptr, len);
 		err = SSL_get_error(port->ssl, n);
 		switch (err)

--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.129 2009/12/09 06:37:06 mha Exp $
+ *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.130 2009/12/30 03:45:46 tgl Exp $
 *
 * NOTES
 *
@@ -324,6 +324,7 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
 		DISABLE_SIGPIPE(conn, spinfo, return -1);

 rloop:
+		SOCK_ERRNO_SET(0);
 		n = SSL_read(conn->ssl, ptr, len);
 		err = SSL_get_error(conn->ssl, n);
 		switch (err)
@@ -409,6 +410,7 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)

 		DISABLE_SIGPIPE(conn, spinfo, return -1);

+		SOCK_ERRNO_SET(0);
 		n = SSL_write(conn->ssl, ptr, len);
 		err = SSL_get_error(conn->ssl, n);
 		switch (err)