Re: Inconsistent error handling in the openssl init code - Mailing list pgsql-hackers

From Michael Paquier
Subject Re: Inconsistent error handling in the openssl init code
Date
Msg-id 20190207041223.GI4074@paquier.xyz
In response to Inconsistent error handling in the openssl init code  (Daniel Gustafsson <daniel@yesql.se>)
Responses Re: Inconsistent error handling in the openssl init code
List pgsql-hackers
On Wed, Feb 06, 2019 at 11:18:22PM +0100, Daniel Gustafsson wrote:
> The error handling in be_tls_init(), and functions called from it, set the
> appropriate elevel by the isServerStart.  ssl_protocol_version_to_openssl() is
> however erroring out unconditionally with ERROR on invalid TLS versions.  The
> attached patch adds isServerStart handling to the TLS version handling as well,
> to make be_tls_init() consistent in its error handling.

(Adding Peter Eisentraut in CC)

Good catch, this is an oversight from commit e73e67c7, which affects
only HEAD.  The comment at the top of ssl_protocol_version_to_openssl
becomes incorrect as the function would not throw an error in a reload
context.

The current comment is that:
 * If a version is passed that is not supported by the current OpenSSL
 * version, then we throw an error, so that subsequent code can assume it's
 * working with a supported version.

Which we could change to that:
..., then we throw an error as FATAL if isServerStart is true so that it
won't return.  Otherwise, errors are logged at LOG level and return -1
to indicate trouble, preserving the old SSL state if any.

Peter, could you take care of it?  Or should I?
--
Michael
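The FATAL-versus-LOG split discussed in this thread, as an added stand-alone illustration (not PostgreSQL's code): `report()`, `tls_init()`, the elevel values and the version constants are simplified stand-ins for ereport(), be_tls_init() and the real OpenSSL mapping, and FATAL's "does not return" is modelled with longjmp.

```c
#include <setjmp.h>
#include <stdbool.h>
#include <stdio.h>

/* Stand-ins for PostgreSQL elevels (values are constructed for this demo). */
enum { LOG_LEVEL = 15, FATAL_LEVEL = 21 };
static int last_elevel;        /* last level reported, for inspection */
static jmp_buf fatal_env;      /* where a FATAL report unwinds to */
static bool fatal_env_set;

/* Stand-in for ereport(): at FATAL the real server exits; here we unwind. */
static void report(int elevel, const char *msg)
{
    last_elevel = elevel;
    fprintf(stderr, "%s: %s\n", elevel == FATAL_LEVEL ? "FATAL" : "LOG", msg);
    if (elevel == FATAL_LEVEL && fatal_env_set)
        longjmp(fatal_env, 1);
}

/* Config-side version names; constructed, not PostgreSQL's real enum. */
enum { PG_TLS1_VERSION = 1, PG_TLS1_3_VERSION = 4 };
#define BUILD_HAS_TLS1_3 0     /* pretend this OpenSSL build lacks TLS 1.3 */

/* Map a config version to an OpenSSL constant. On server start an unsupported
 * version is FATAL (no return); on reload it is LOG and -1 is returned. */
static int protocol_version_to_openssl(int version, bool isServerStart)
{
    if (version == PG_TLS1_VERSION)
        return 0x0301;                          /* TLS1_VERSION */
    if (version == PG_TLS1_3_VERSION && BUILD_HAS_TLS1_3)
        return 0x0304;                          /* TLS1_3_VERSION */
    report(isServerStart ? FATAL_LEVEL : LOG_LEVEL,
           "TLS version not supported by this OpenSSL build");
    return -1;
}

/* Stand-in for be_tls_init(): swap in the new state only if mapping succeeds. */
static int current_context = 0x0301;           /* state from the last good init */
static int tls_init(int min_version, bool isServerStart)
{
    int v = protocol_version_to_openssl(min_version, isServerStart);
    if (v == -1)
        return -1;                              /* reload: old state preserved */
    current_context = v;
    return 0;
}

/* Run a startup-path init inside the FATAL trap; true if FATAL fired. */
static bool startup_hits_fatal(int min_version)
{
    fatal_env_set = true;
    if (setjmp(fatal_env) == 0) {
        tls_init(min_version, true);
        fatal_env_set = false;
        return false;
    }
    fatal_env_set = false;
    return true;
}
```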
