On Sun, Jan 27, 2008 at 08:09:10PM -0500, Tom Lane wrote: > If you do a manual "kill -9" (for testing purposes) on its connected > server process, psql normally recovers nicely: > > regression=# select 1; > ?column? > ---------- > 1 > (1 row) > > -- issue kill here in another window > regression=# select 1; > server closed the connection unexpectedly > This probably means the server terminated abnormally > before or while processing the request. > The connection to the server was lost. Attempting reset: Succeeded. > regression=# > > But try it with an SSL-enabled connection, and psql just dies rudely. > Investigation shows that it's being killed by SIGPIPE while attempting > to clean up the failed connection: > > Program received signal SIGPIPE, Broken pipe. > 0x00000030f7ec6e80 in __write_nocancel () from /lib64/libc.so.6 > (gdb) bt > #0 0x00000030f7ec6e80 in __write_nocancel () from /lib64/libc.so.6 > #1 0x0000003102497a27 in rl_filename_completion_function () > from /lib64/libcrypto.so.6 > #2 0x0000003102495e5e in BIO_write () from /lib64/libcrypto.so.6 > #3 0x0000003877a1f449 in ssl3_write_pending () from /lib64/libssl.so.6 > #4 0x0000003877a1f8b6 in ssl3_dispatch_alert () from /lib64/libssl.so.6 > #5 0x0000003877a1d602 in ssl3_shutdown () from /lib64/libssl.so.6 > #6 0x00002aaaaaac2675 in close_SSL (conn=0x642d60) at fe-secure.c:1095 > #7 0x00002aaaaaabb483 in pqReadData (conn=0x642d60) at fe-misc.c:719 > #8 0x00002aaaaaaba9b8 in PQgetResult (conn=0x642d60) at fe-exec.c:1223 > #9 0x00002aaaaaabaa8e in PQexecFinish (conn=0x642d60) at fe-exec.c:1452 > #10 0x00000000004075b7 in SendQuery (query=<value optimized out>) > at common.c:853 > #11 0x0000000000409cf3 in MainLoop (source=0x30f8151680) at mainloop.c:225 > #12 0x000000000040c3dc in main (argc=<value optimized out>, argv=0x100) > at startup.c:352 > > Apparently we need to do the SIGPIPE disable/enable dance around > SSL_shutdown() as well as SSL_write(). I wonder whether we don't need > it around SSL_read() as well --- I seem to recall that OpenSSL might > either read or write the socket within SSL_read(), due to various corner > cases in the SSL protocol. > > Comments?
Yes, AFAIK it can end up doing writes - for example if it has to re-negotiate the encryption key. So yes, I think we need it around both. //Magnus ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly