| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Carla Iriberri <ciriberri(at)salesforce(dot)com>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: could not accept SSL connection: Success |
| Date: | 2022-01-20 00:58:43 |
| Message-ID: | 785015.1642640323@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Michael Paquier <michael(at)paquier(dot)xyz> writes:
> I don't think that it makes much sense to leave this unchecked as the
> message is confusing as it stands. Perhaps we could do something like
> the attached by adding a note about OpenSSL 3.0 to revisit this code
> once we unplug support for 1.1.1 and avoiding the errno==0 case?
If I'm reading this patch correctly, you have it calling the case
"EOF detected" in one place, "internal failure" in another, and
failing to touch several more places where we deal with
SSL_ERROR_SYSCALL. I don't find that to be an improvement ---
inconsistency is worse than a confusing error message.
Personally I'm satisfied to leave it as-is, since this issue apparently
occurs only in a minority of OpenSSL versions, and not the newest.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2022-01-20 01:01:58 | Re: could not accept SSL connection: Success |
| Previous Message | Michael Paquier | 2022-01-20 00:32:33 | Re: could not accept SSL connection: Success |