Skip site navigation (1) Skip section navigation (2)

Re: [BUGS] Missing error message on missing ssl-key-files

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Harald Armin Massa <haraldarminmassa(at)gmail(dot)com>
Cc: PGSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [BUGS] Missing error message on missing ssl-key-files
Date: 2007-01-29 17:46:35
Message-ID: 45BE32FB.2070109@hagander.net (view raw or flat)
Thread:
Lists: pgsql-bugspgsql-hackers
Harald Armin Massa wrote:
> PostgreSQL 8.1.5 and 8.2.1
> 
> both on W2K3, installed from the standard win32 msi installer.
> 
> Problem:
> 
> in postgresql.conf
> 
> ssl=on
> 
> but the files server.key etc. are NOT present.
> 
> Result: PostgreSQL service does not start. And no error message in any
> log I could access: nothing in the Windows Event Log, nothing in the
> pg_log (not even starts a file)
> 
> [in this case it was me doing the SSL-setup, missing to copy the key
> files; BUT... they could get deleted / made inaccessible a later time,
> and THEN it get's impossible to diagnose the problem]
> 
> Proposed solution:
> write an error message to pg_log/ or windows event log on missing
> ssl-server-key-files.


I took a quick look at this, and it's certainly correct. If I change the
log_destination to be eventlog, it works and logs the proper error message.

This may show a much bigger problem. When we have set redirect_stderr
(which is what the MSI installer does by default), what happens to
everything that is logged *before* SysLogger_Start()? There are a lot of
startup things that happen then, but where does the output go?

I'm thinking we need a check in elog.c on the:
		if ((!Redirect_stderr || am_syslogger) && pgwin32_is_service())
			write_eventlog(edata->elevel, buf.data);


line, that checks if the syslogger process has been started yet. So it'd
 be something like
if ((!Redirect_stderr || am_syslogger || syslogger_not_started_yet) &&
pgwin32_is_service())


Does that seem reasonable? Or am I looking at this the wrong way?

//Magnus

In response to

Responses

pgsql-hackers by date

Next:From: Magnus HaganderDate: 2007-01-29 17:49:28
Subject: Re: 10 weeks to feature freeze (Pending Work)
Previous:From: Richard TroyDate: 2007-01-29 17:30:50
Subject: Re: Updateable cursors

pgsql-bugs by date

Next:From: Bruce MomjianDate: 2007-01-30 02:34:53
Subject: Re: [HACKERS] [BUGS] BUG #2907: pg_get_serial_sequence quoting
Previous:From: Magnus HaganderDate: 2007-01-29 11:38:36
Subject: Re: BUG #2931: Can't capture pg_dump Password prompt

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group