Re: improve ssl error code, 2147483650

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, David Zhang <david(dot)zhang(at)highgo(dot)ca>, Pgsql Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: improve ssl error code, 2147483650
Date: 2024-03-08 00:46:08
Message-ID: 683078.1709858768@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
> On 7 Mar 2024, at 20:58, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> This could probably do with a comment, and we need to propagate
>> the fix into libpq's copy of the function too. Barring objections,
>> I'll take care of that and push it later today.

> LGTM.

Done so far as be-secure-openssl.c and fe-secure-openssl.c are
concerned. But I noticed that src/common/cryptohash_openssl.c and
src/common/hmac_openssl.c have their own, rather half-baked versions
of SSLerrmessage. I didn't do anything about that in the initial
patch, because it's not clear to me that those routines would ever
see system-errno-based errors, plus their comments claim that
returning NULL isn't terribly bad. But if we want to do something
about it, I don't think that maintaining 3 copies of the code is the
way to go. Maybe push be-secure-openssl.c's version into src/common?

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Melanie Plageman 2024-03-08 00:46:14 Re: Confine vacuum skip logic to lazy_scan_skip
Previous Message Sutou Kouhei 2024-03-08 00:22:54 Re: Make COPY format extendable: Extract COPY TO format implementations