| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Lars Kanis <lars(at)greiz-reinsdorf(dot)de> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Failing SSL connection due to weird interaction with openssl |
| Date: | 2012-11-26 22:59:57 |
| Message-ID: | 20121126225957.GG4227@alvh.no-ip.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Lars Kanis wrote:
> While investigating a ruby-pg issue [1], we noticed that a libpq SSL
> connection can fail, if the running application uses OpenSSL for
> other work, too. Root cause is the thread local error queue of
> OpenSSL, that is used to transmit textual error messages to the
> application after a failed crypto operation. In case that the
> application leaves errors on the queue, the communication to the
> PostgreSQL server can fail with a message left from the previous
> failed OpenSSL operation, in particular when using non-blocking
> operations on the socket. This issue with openssl is quite old now -
> see [3].
I gather that this is supposed to be back-patched to all supported
branches.
> [3] http://www.educatedguesswork.org/movabletype/archives/2005/03/curse_you_opens.html
This link is dead. Here's one that works:
http://www.educatedguesswork.org/2005/03/curse_you_opens.html
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2012-11-27 00:05:13 | Re: Further pg_upgrade analysis for many tables |
| Previous Message | Merlin Moncure | 2012-11-26 22:55:34 | Re: Removing PD_ALL_VISIBLE |