On Mon, Oct 01, 2007 at 02:37:44PM +0200, Magnus Hagander wrote: > On Sat, Sep 29, 2007 at 09:01:16PM +0100, Dave Page wrote: > > Tom Lane wrote: > > > "Dave Page" <[EMAIL PROTECTED]> writes: > > >>> From: Tom Lane <[EMAIL PROTECTED]> > > >>> ... It's not entirely clear whether BIO_new_fp() would avoid the > > >>> problematic calls, but it doesn't look like it'd be hard to try. > > > > > >> The last version of the patch I posted uses BIO_new_file() in all cases, > > >> and (from memory) BIO_get_fp() in the non-win32 case to get a FILE* to > > >> pass to fstat. > > > > > > Did you manage to get rid of the bogus-error-message problem that > > > afflicted the first version of the patch? If so, this way is fine. > > > > No, thats still an issue. > > A guess on this - probably the BIO stuff overwrites some internal OpenSSL > "errno" value, causing the wrong error to be passed up. Most likely, it's > not save to call BIO functions from inside the callback. My bet is that > it'll actually break without this patch, if you stick something that's > invalid in there. It's just taht we picked up the "does not exist" error > without calling BIO functions. > > A quick peek at the OpenSSL sources seems to confirm this. > > I think we want to either attempt to load the client certificate before we > connect (and before it's requested) and just queue up the error to show it > in only if it's requested, or we want to try some magic around > ERR_set_mark()/ERR_pop_to_mark() to clear out any BIO errors before we hand > control back. > > I'll see if I can put together a poc patch - need to reproduce the problem > first :-)
Just a quick followup - this is also reproducible on Unix: [EMAIL PROTECTED]:~/inst-pg/head/bin$ PGSSLMODE=require ./psql -h localhost postgres psql: SSL SYSCALL error: Resource temporarily unavailable //Magnus ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
