Improve libpq's error reporting for SSL failures.

tglsfdc · tglsfdc · commit fee476da952a · 2011-07-24T16:29:07.000-04:00
In many cases, pqsecure_read/pqsecure_write set up useful error messages,
which were then overwritten with useless ones by their callers.  Fix this
by defining the responsibility to set an error message to be entirely that
of the lower-level function when using SSL.

Back-patch to 8.3; the code is too different in 8.2 to be worth the
trouble.
diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c
@@ -647,7 +647,9 @@ pqReadData(PGconn *conn)
 		if (SOCK_ERRNO == ECONNRESET)
 			goto definitelyFailed;
 #endif
-		printfPQExpBuffer(&conn->errorMessage,
+		/* in SSL mode, pqsecure_read set the error message */
+		if (conn->ssl == NULL)
+			printfPQExpBuffer(&conn->errorMessage,
 				   libpq_gettext("could not receive data from server: %s\n"),
 						  SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
 		return -1;
@@ -737,7 +739,9 @@ pqReadData(PGconn *conn)
 		if (SOCK_ERRNO == ECONNRESET)
 			goto definitelyFailed;
 #endif
-		printfPQExpBuffer(&conn->errorMessage,
+		/* in SSL mode, pqsecure_read set the error message */
+		if (conn->ssl == NULL)
+			printfPQExpBuffer(&conn->errorMessage,
 				   libpq_gettext("could not receive data from server: %s\n"),
 						  SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
 		return -1;
@@ -753,8 +757,10 @@ pqReadData(PGconn *conn)
 	 * means the connection has been closed.  Cope.
 	 */
 definitelyFailed:
-	printfPQExpBuffer(&conn->errorMessage,
-					  libpq_gettext(
+	/* in SSL mode, pqsecure_read set the error message */
+	if (conn->ssl == NULL)
+		printfPQExpBuffer(&conn->errorMessage,
+						  libpq_gettext(
 								"server closed the connection unexpectedly\n"
 				   "\tThis probably means the server terminated abnormally\n"
 							 "\tbefore or while processing the request.\n"));
@@ -831,8 +837,10 @@ pqSendSome(PGconn *conn, int len)
 #ifdef ECONNRESET
 				case ECONNRESET:
 #endif
-					printfPQExpBuffer(&conn->errorMessage,
-									  libpq_gettext(
+					/* in SSL mode, pqsecure_write set the error message */
+					if (conn->ssl == NULL)
+						printfPQExpBuffer(&conn->errorMessage,
+										  libpq_gettext(
 								"server closed the connection unexpectedly\n"
 					"\tThis probably means the server terminated abnormally\n"
 							 "\tbefore or while processing the request.\n"));
@@ -849,7 +857,9 @@ pqSendSome(PGconn *conn, int len)
 					return -1;
 
 				default:
-					printfPQExpBuffer(&conn->errorMessage,
+					/* in SSL mode, pqsecure_write set the error message */
+					if (conn->ssl == NULL)
+						printfPQExpBuffer(&conn->errorMessage,
 						libpq_gettext("could not send data to server: %s\n"),
 							SOCK_STRERROR(SOCK_ERRNO, sebuf, sizeof(sebuf)));
 					/* We don't assume it's a fatal error... */
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c
@@ -302,6 +302,11 @@ pqsecure_close(PGconn *conn)
 
 /*
  *	Read data from a secure connection.
+ *
+ * If SSL is in use, this function is responsible for putting a suitable
+ * message into conn->errorMessage upon error; but the caller does that
+ * when not using SSL.  In either case, caller uses the returned errno
+ * to decide whether to continue/retry after error.
  */
 ssize_t
 pqsecure_read(PGconn *conn, void *ptr, size_t len)
@@ -325,6 +330,13 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
 		switch (err)
 		{
 			case SSL_ERROR_NONE:
+				if (n < 0)
+				{
+					printfPQExpBuffer(&conn->errorMessage,
+									  libpq_gettext("SSL_read failed but did not provide error information\n"));
+					/* assume the connection is broken */
+					SOCK_ERRNO_SET(ECONNRESET);
+				}
 				break;
 			case SSL_ERROR_WANT_READ:
 				n = 0;
@@ -342,7 +354,7 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
 				{
 					char		sebuf[256];
 
-					if (n == -1)
+					if (n < 0)
 					{
 						REMEMBER_EPIPE(spinfo, SOCK_ERRNO == EPIPE);
 						printfPQExpBuffer(&conn->errorMessage,
@@ -353,29 +365,36 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
 					{
 						printfPQExpBuffer(&conn->errorMessage,
 						 libpq_gettext("SSL SYSCALL error: EOF detected\n"));
-
+						/* assume the connection is broken */
 						SOCK_ERRNO_SET(ECONNRESET);
 						n = -1;
 					}
 					break;
 				}
 			case SSL_ERROR_SSL:
 				{
-					char	   *err = SSLerrmessage();
+					char	   *errm = SSLerrmessage();
 
 					printfPQExpBuffer(&conn->errorMessage,
-									  libpq_gettext("SSL error: %s\n"), err);
-					SSLerrfree(err);
+									  libpq_gettext("SSL error: %s\n"), errm);
+					SSLerrfree(errm);
+					/* assume the connection is broken */
+					SOCK_ERRNO_SET(ECONNRESET);
+					n = -1;
+					break;
 				}
-				/* fall through */
 			case SSL_ERROR_ZERO_RETURN:
+				printfPQExpBuffer(&conn->errorMessage,
+								  libpq_gettext("SSL connection has been closed unexpectedly\n"));
 				SOCK_ERRNO_SET(ECONNRESET);
 				n = -1;
 				break;
 			default:
 				printfPQExpBuffer(&conn->errorMessage,
 						  libpq_gettext("unrecognized SSL error code: %d\n"),
 								  err);
+				/* assume the connection is broken */
+				SOCK_ERRNO_SET(ECONNRESET);
 				n = -1;
 				break;
 		}
@@ -391,6 +410,11 @@ pqsecure_read(PGconn *conn, void *ptr, size_t len)
 
 /*
  *	Write data to a secure connection.
+ *
+ * If SSL is in use, this function is responsible for putting a suitable
+ * message into conn->errorMessage upon error; but the caller does that
+ * when not using SSL.  In either case, caller uses the returned errno
+ * to decide whether to continue/retry after error.
  */
 ssize_t
 pqsecure_write(PGconn *conn, const void *ptr, size_t len)
@@ -412,6 +436,13 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
 		switch (err)
 		{
 			case SSL_ERROR_NONE:
+				if (n < 0)
+				{
+					printfPQExpBuffer(&conn->errorMessage,
+									  libpq_gettext("SSL_write failed but did not provide error information\n"));
+					/* assume the connection is broken */
+					SOCK_ERRNO_SET(ECONNRESET);
+				}
 				break;
 			case SSL_ERROR_WANT_READ:
 
@@ -429,7 +460,7 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
 				{
 					char		sebuf[256];
 
-					if (n == -1)
+					if (n < 0)
 					{
 						REMEMBER_EPIPE(spinfo, SOCK_ERRNO == EPIPE);
 						printfPQExpBuffer(&conn->errorMessage,
@@ -440,28 +471,36 @@ pqsecure_write(PGconn *conn, const void *ptr, size_t len)
 					{
 						printfPQExpBuffer(&conn->errorMessage,
 						 libpq_gettext("SSL SYSCALL error: EOF detected\n"));
+						/* assume the connection is broken */
 						SOCK_ERRNO_SET(ECONNRESET);
 						n = -1;
 					}
 					break;
 				}
 			case SSL_ERROR_SSL:
 				{
-					char	   *err = SSLerrmessage();
+					char	   *errm = SSLerrmessage();
 
 					printfPQExpBuffer(&conn->errorMessage,
-									  libpq_gettext("SSL error: %s\n"), err);
-					SSLerrfree(err);
+									  libpq_gettext("SSL error: %s\n"), errm);
+					SSLerrfree(errm);
+					/* assume the connection is broken */
+					SOCK_ERRNO_SET(ECONNRESET);
+					n = -1;
+					break;
 				}
-				/* fall through */
 			case SSL_ERROR_ZERO_RETURN:
+				printfPQExpBuffer(&conn->errorMessage,
+								  libpq_gettext("SSL connection has been closed unexpectedly\n"));
 				SOCK_ERRNO_SET(ECONNRESET);
 				n = -1;
 				break;
 			default:
 				printfPQExpBuffer(&conn->errorMessage,
 						  libpq_gettext("unrecognized SSL error code: %d\n"),
 								  err);
+				/* assume the connection is broken */
+				SOCK_ERRNO_SET(ECONNRESET);
 				n = -1;
 				break;
 		}
