Re: Fix for OpenSSL error queue bug - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Fix for OpenSSL error queue bug
Date
Msg-id 8564.1457996713@sss.pgh.pa.us
Whole thread Raw
In response to Re: Fix for OpenSSL error queue bug  (Peter Geoghegan <pg@heroku.com>)
Responses Re: Fix for OpenSSL error queue bug
List pgsql-hackers
Peter Geoghegan <pg@heroku.com> writes:
> On Mon, Mar 14, 2016 at 3:06 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Agreed, we need to deal with this one way or the other.  My proposal
>> is:
>> 
>> 1. In HEAD, do it as Peter E. suggests, ie clear error queue before calls.
>> 
>> 2. In back branches, clear error queue before *and* after calls.  This
>> will waste a few nanoseconds but will avoid any risk of breaking
>> existing third-party code.

> I am concerned that users will never be able to get this right, since
> I think it requires every Ruby or PHP app using some thin OpenSSL
> wrapper to clear the per-queue thread. It's a big mess, but it's our
> mess to some degree.

So your proposal is basically to do #2 in all branches?  I won't fight it,
if it doesn't bloat the code much.  The overhead should surely be trivial
compared to network communication costs, and I'm afraid you might be right
about the risk of latent bugs.
        regards, tom lane



pgsql-hackers by date:

Previous
From: Peter Geoghegan
Date:
Subject: Re: Fix for OpenSSL error queue bug
Next
From: Michael Paquier
Date:
Subject: Re: Password identifiers, protocol aging and SCRAM protocol