Home > mailing lists

Re: Failing SSL connection due to weird interaction with openssl - Mailing list pgsql-hackers

From	Alvaro Herrera
Subject	Re: Failing SSL connection due to weird interaction with openssl
Date	November 27, 2012 02:00:06
Msg-id	20121126225957.GG4227@alvh.no-ip.org Whole thread Raw
In response to	Failing SSL connection due to weird interaction with openssl (Lars Kanis <lars@greiz-reinsdorf.de>)
Responses	Re: Failing SSL connection due to weird interaction with openssl
List	pgsql-hackers

Tree view

Lars Kanis wrote:
> While investigating a ruby-pg issue [1], we noticed that a libpq SSL
> connection can fail, if the running application uses OpenSSL for
> other work, too. Root cause is the thread local error queue of
> OpenSSL, that is used to transmit textual error messages to the
> application after a failed crypto operation. In case that the
> application leaves errors on the queue, the communication to the
> PostgreSQL server can fail with a message left from the previous
> failed OpenSSL operation, in particular when using non-blocking
> operations on the socket. This issue with openssl is quite old now -
> see [3].

I gather that this is supposed to be back-patched to all supported
branches.

> [3] http://www.educatedguesswork.org/movabletype/archives/2005/03/curse_you_opens.html

This link is dead.  Here's one that works:
http://www.educatedguesswork.org/2005/03/curse_you_opens.html


--
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

pgsql-hackers by date:

From: Merlin Moncure
Date: 27 November 2012, 01:55:40
Subject: Re: Removing PD_ALL_VISIBLE

From: Tom Lane
Date: 27 November 2012, 03:05:21
Subject: Re: Further pg_upgrade analysis for many tables

Re: Failing SSL connection due to weird interaction with openssl - Mailing list pgsql-hackers

Previous

Next