Commit 4847d595 authored by Tom Lane's avatar Tom Lane

Set errno to zero before invoking SSL_read or SSL_write. It appears that

at least in some Windows versions, these functions are capable of returning
a failure indication without setting errno.  That puts us into an infinite
loop if the previous value happened to be EINTR.  Per report from Brendan
Hill.

Back-patch to 8.2.  We could take it further back, but since this is only
known to be an issue on Windows and we don't support Windows before 8.2,
it does not seem worth the trouble.
parent 3d4b0ab2
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.93 2009/12/09 06:37:06 mha Exp $ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.94 2009/12/30 03:45:46 tgl Exp $
* *
* Since the server static private key ($DataDir/server.key) * Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database * will normally be stored unencrypted so that the database
...@@ -245,6 +245,7 @@ secure_read(Port *port, void *ptr, size_t len) ...@@ -245,6 +245,7 @@ secure_read(Port *port, void *ptr, size_t len)
int err; int err;
rloop: rloop:
errno = 0;
n = SSL_read(port->ssl, ptr, len); n = SSL_read(port->ssl, ptr, len);
err = SSL_get_error(port->ssl, n); err = SSL_get_error(port->ssl, n);
switch (err) switch (err)
...@@ -339,6 +340,7 @@ secure_write(Port *port, void *ptr, size_t len) ...@@ -339,6 +340,7 @@ secure_write(Port *port, void *ptr, size_t len)
} }
wloop: wloop:
errno = 0;
n = SSL_write(port->ssl, ptr, len); n = SSL_write(port->ssl, ptr, len);
err = SSL_get_error(port->ssl, n); err = SSL_get_error(port->ssl, n);
switch (err) switch (err)
......
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.129 2009/12/09 06:37:06 mha Exp $ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.130 2009/12/30 03:45:46 tgl Exp $
* *
* NOTES * NOTES
* *
...@@ -324,6 +324,7 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len) ...@@ -324,6 +324,7 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
DISABLE_SIGPIPE(conn, spinfo, return -1); DISABLE_SIGPIPE(conn, spinfo, return -1);
rloop: rloop:
SOCK_ERRNO_SET(0);
n = SSL_read(conn->ssl, ptr, len); n = SSL_read(conn->ssl, ptr, len);
err = SSL_get_error(conn->ssl, n); err = SSL_get_error(conn->ssl, n);
switch (err) switch (err)
...@@ -409,6 +410,7 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len) ...@@ -409,6 +410,7 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
DISABLE_SIGPIPE(conn, spinfo, return -1); DISABLE_SIGPIPE(conn, spinfo, return -1);
SOCK_ERRNO_SET(0);
n = SSL_write(conn->ssl, ptr, len); n = SSL_write(conn->ssl, ptr, len);
err = SSL_get_error(conn->ssl, n); err = SSL_get_error(conn->ssl, n);
switch (err) switch (err)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment