Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit fdbce93

Browse files
tglsfdctglsfdc
committed
Minor improvements to hack for old OpenSSL libraries: avoid unused
variable warning on Windows, improve comment.
1 parent a248dbc commit fdbce93

File tree

1 file changed

+19
-14
lines changed

1 file changed

+19
-14
lines changed

src/interfaces/libpq/fe-secure.c

+19-14
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
*
1212
*
1313
* IDENTIFICATION
14-
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.98 2007/10/03 13:57:52 mha Exp $
14+
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.99 2007/10/03 15:12:45 tgl Exp $
1515
*
1616
* NOTES
1717
* [ Most of these notes are wrong/obsolete, but perhaps not all ]
@@ -588,8 +588,8 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
588588

589589
#ifndef WIN32
590590
struct stat buf2;
591-
#endif
592591
FILE *fp;
592+
#endif
593593
char fnbuf[MAXPGPATH];
594594
BIO *bio;
595595
PGconn *conn = (PGconn *) SSL_get_app_data(ssl);
@@ -602,27 +602,32 @@ client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
602602
return 0;
603603
}
604604

605-
/* save OpenSSL error stack */
606-
ERR_set_mark();
607-
608605
/* read the user certificate */
609606
snprintf(fnbuf, sizeof(fnbuf), "%s/%s", homedir, USER_CERT_FILE);
610607

611608
/*
612-
* OpenSSL <= 0.8.2 lacks error stack handling. Do a separate check
613-
* for the existance of the file without using BIO functions to make
614-
* it pick up the majority of the cases with the old versions.
609+
* OpenSSL <= 0.9.8 lacks error stack handling, which means it's likely
610+
* to report wrong error messages if access to the cert file fails.
611+
* Do our own check for the readability of the file to catch the
612+
* majority of such problems before OpenSSL gets involved.
615613
*/
616614
#ifndef HAVE_ERR_SET_MARK
617-
if ((fp = fopen(fnbuf, "r")) == NULL)
618615
{
619-
printfPQExpBuffer(&conn->errorMessage,
620-
libpq_gettext("could not open certificate file \"%s\": %s\n"),
621-
fnbuf, pqStrerror(errno, sebuf, sizeof(sebuf)));
622-
return 0;
616+
FILE *fp2;
617+
618+
if ((fp2 = fopen(fnbuf, "r")) == NULL)
619+
{
620+
printfPQExpBuffer(&conn->errorMessage,
621+
libpq_gettext("could not open certificate file \"%s\": %s\n"),
622+
fnbuf, pqStrerror(errno, sebuf, sizeof(sebuf)));
623+
return 0;
624+
}
625+
fclose(fp2);
623626
}
624-
fclose(fp);
625627
#endif
628+
629+
/* save OpenSSL error stack */
630+
ERR_set_mark();
626631

627632
if ((bio = BIO_new_file(fnbuf, "r")) == NULL)
628633
{

0 commit comments

Comments
 (0)