Re: BUG #1321: SSL error: sslv3 alert handshake failure

From: "Magnus Hagander" <mha(at)sollentuna(dot)net>
To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "T(dot)J(dot) Ferraro" <tjtoocool(at)phreaker(dot)net>
Cc: <pgsql-bugs(at)postgresql(dot)org>
Subject: Re: BUG #1321: SSL error: sslv3 alert handshake failure
Date: 2004-11-16 20:13:06
Message-ID: 6BCB9D8A16AC4241919521715F4D8BCE456A58@algol.sollentuna.se
Lists: pgsql-bugs

>> After installing 8.0.0beta4 (previously tried with beta3,2,etc) on a linux
>> system with a working 7.4.x installation I was unable to connect with ssl.
>> Tried compiling with OpenSSL 0.9.7d/e. I used certificates created with
>> OpenSSL 0.9.7d/e that both worked fine with 7.4.x but apparently not so with
>> 8.0.0. Server starts fine, but when I attempt to connect to the server with
>> latest pgadmin or psql (8.0.0beta4 both on the pgfoundry binary for windows
>> and a compiled version on Mandrake Linux) the error is always the same. The
>> error message returned to the client is "SSL error: sslv3 alert handshake
>> failure". The log reports: "could not accept SSL connection: 1".
>
>The only SSL changes between beta3 and beta4 were Magnus' changes to
>make ssl work on Windows, so I'm assuming this is his fault ...

It would have to come from
http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/libpq/be-secure.c.diff?r1=1.51&r2=1.52,
the part where it fixes error handling.
(Previously it did three API calls and didn't actually check their
results individually.)
In open_server_ssl(), right at the bottom.

I can't see where the problem is though. And it did work in all my
testing - both Windows and Linux. But that part can certainly be
reversed - I only added it because I needed the better error reporting
during debugging, and figured it would be useful for others as well.

I'm not 100% sure from the post whether this problem was actually not
present in beta3, or if it possibly was. But that could be me reading
the report trying to make it fit my needs.

Upon reviewing this patch, I notice this horrible line slipped into the
patch earlier up (in the #ifdef WIN32 section):
+ printf("uhh\n");fflush(stdout);

Oopsie. Could you remove that, or do you want a patch to do it? :-)
Can't believe I missed that...

//Magnus
