| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Dave Vitek <dvitek(at)grammatech(dot)com> |
| Cc: | Peter Geoghegan <pg(at)heroku(dot)com>, pgsql-bugs <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #12799: libpq - SSL pqsecure_read() doesn't clean openssl error queue before reading |
| Date: | 2016-02-18 22:38:37 |
| Message-ID: | 28955.1455835117@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Dave Vitek <dvitek(at)grammatech(dot)com> writes:
> Maintainers: Peter's patch is better than mine, at least for the front
> end side. I also adjusted be-secure-openssl.c, which perhaps is not
> necessary, but then again it's hard to be sure. It might be worth doing
> a patch for be-secure-openssl.c in the spirit of what Peter did for the
> frontend (sorry, not volunteering :).
+1 for changing both sides. I'm fairly sure that you could provoke
problems of this ilk in the backend too, for example if client connection
is using SSL and we also establish an outgoing SSL connection using
postgres_fdw or dblink.
BTW, do we have a reproducible test case?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Vitek | 2016-02-18 22:58:32 | Re: BUG #12799: libpq - SSL pqsecure_read() doesn't clean openssl error queue before reading |
| Previous Message | Dave Vitek | 2016-02-18 22:33:19 | Re: BUG #12799: libpq - SSL pqsecure_read() doesn't clean openssl error queue before reading |