17.09.2016 2:05, Andres Freund:
[...]
> Well, it's not pretty. I quite dislike this bit, and I've complained
> about it before. But it is noteworthy that it's nearly impossible to
> hit these days, due to ssl-renegotiation support having been ripped out.
> That's what could trigger openssl to require writes upon reads.
Looks like it _usually_ happens so that such interdependent reads and
writes are unnecessary in the absence of renegotiations. But still [1]
instructs to always check for both SSL_ERROR_WANT_READ and
SSL_ERROR_WANT_WRITE in all cases. Supposedly it is for a reason. The
way it is implemented in fe-secure-openssl.c looks just somewhat unfinished.
I'm wondering is there really something that prevents doing it properly?
[1] https://www.openssl.org/docs/manmaster/ssl/SSL_get_error.html
Thank you,
Regards,
Nikolai
>
> Greetings,
>
> Andres Freund
>
>
