17.09.2016 2:05, Andres Freund:
Well, it's not pretty. I quite dislike this bit, and I've complained
about it before.  But it is noteworthy that it's nearly impossible to
hit these days, due to ssl-renegotiation support having been ripped out.
That's what could trigger openssl to require writes upon reads.

Looks like it _usually_ happens so that such interdependent reads and writes are unnecessary in the absence of renegotiations. But still [1] instructs to always check for both SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE in all cases. Supposedly it is for a reason. The way it is implemented in fe-secure-openssl.c looks just somewhat unfinished.
I'm wondering is there really something that prevents doing it properly?

[1] https://www.openssl.org/docs/manmaster/ssl/SSL_get_error.html

Thank you,


Andres Freund

Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:

Reply via email to