Re: OpenSSL Applink

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Dave Page <dpage(at)postgresql(dot)org>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-patches(at)postgresql(dot)org
Subject: Re: OpenSSL Applink
Date: 2007-10-01 12:37:44
Message-ID: 20071001123744.GH387@svr2.hagander.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

On Sat, Sep 29, 2007 at 09:01:16PM +0100, Dave Page wrote:
> Tom Lane wrote:
> > "Dave Page" <dpage(at)postgresql(dot)org> writes:
> >>> From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
> >>> ... It's not entirely clear whether BIO_new_fp() would avoid the
> >>> problematic calls, but it doesn't look like it'd be hard to try.
> >
> >> The last version of the patch I posted uses BIO_new_file() in all cases, and (from memory) BIO_get_fp() in the non-win32 case to get a FILE* to pass to fstat.
> >
> > Did you manage to get rid of the bogus-error-message problem that
> > afflicted the first version of the patch? If so, this way is fine.
>
> No, thats still an issue.

A guess on this - probably the BIO stuff overwrites some internal OpenSSL
"errno" value, causing the wrong error to be passed up. Most likely, it's
not save to call BIO functions from inside the callback. My bet is that
it'll actually break without this patch, if you stick something that's
invalid in there. It's just taht we picked up the "does not exist" error
without calling BIO functions.

A quick peek at the OpenSSL sources seems to confirm this.

I think we want to either attempt to load the client certificate before we
connect (and before it's requested) and just queue up the error to show it
in only if it's requested, or we want to try some magic around
ERR_set_mark()/ERR_pop_to_mark() to clear out any BIO errors before we hand
control back.

I'll see if I can put together a poc patch - need to reproduce the problem
first :-)

//Magnus

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Hiroshi Saito 2007-10-01 12:45:43 64bit compile linker problem of win32.mak.
Previous Message Magnus Hagander 2007-10-01 10:54:33 Re: msvc >= VC7 understands __FUNCTION__