summaryrefslogtreecommitdiffstats
path: root/src/backend/libpq
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/libpq')
-rw-r--r--src/backend/libpq/be-secure-openssl.c19
-rw-r--r--src/backend/libpq/pqcomm.c6
2 files changed, 17 insertions, 8 deletions
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 4f1fd91..6f0ecf8 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1350,9 +1350,9 @@ initialize_ecdh(SSL_CTX *context, bool isServerStart)
*
* ERR_get_error() is used by caller to get errcode to pass here.
*
- * Some caution is needed here since ERR_reason_error_string will
- * return NULL if it doesn't recognize the error code. We don't
- * want to return NULL ever.
+ * Some caution is needed here since ERR_reason_error_string will return NULL
+ * if it doesn't recognize the error code, or (in OpenSSL >= 3) if the code
+ * represents a system errno value. We don't want to return NULL ever.
*/
static const char *
SSLerrmessage(unsigned long ecode)
@@ -1365,6 +1365,19 @@ SSLerrmessage(unsigned long ecode)
errreason = ERR_reason_error_string(ecode);
if (errreason != NULL)
return errreason;
+
+ /*
+ * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
+ * map system errno values. We can cover that shortcoming with this bit
+ * of code. Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
+ * but that's okay because they don't have the shortcoming either.
+ */
+#ifdef ERR_SYSTEM_ERROR
+ if (ERR_SYSTEM_ERROR(ecode))
+ return strerror(ERR_GET_REASON(ecode));
+#endif
+
+ /* No choice but to report the numeric ecode */
snprintf(errbuf, sizeof(errbuf), _("SSL error code %lu"), ecode);
return errbuf;
}
diff --git a/src/backend/libpq/pqcomm.c b/src/backend/libpq/pqcomm.c
index 6753544..16378e8 100644
--- a/src/backend/libpq/pqcomm.c
+++ b/src/backend/libpq/pqcomm.c
@@ -189,14 +189,10 @@ pq_init(void)
* nonblocking mode and use latches to implement blocking semantics if
* needed. That allows us to provide safely interruptible reads and
* writes.
- *
- * Use COMMERROR on failure, because ERROR would try to send the error to
- * the client, which might require changing the mode again, leading to
- * infinite recursion.
*/
#ifndef WIN32
if (!pg_set_noblock(MyProcPort->sock))
- ereport(COMMERROR,
+ ereport(FATAL,
(errmsg("could not set socket to nonblocking mode: %m")));
#endif
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 20:27:16 +0000