*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.22 2003/01/08 22:56:58 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.23 2003/01/08 23:18:25 momjian Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
#ifdef USE_SSL
if (port->ssl)
{
- if (port->count > RENEGOTIATION_LIMIT)
- {
- SSL_renegotiate(port->ssl);
- port->count = 0;
- }
-
n = SSL_read(port->ssl, ptr, len);
switch (SSL_get_error(port->ssl, n))
{
port->count += n;
break;
case SSL_ERROR_WANT_READ:
+ n = secure_read(port, ptr, len);
break;
case SSL_ERROR_SYSCALL:
if (n == -1)
{
if (port->count > RENEGOTIATION_LIMIT)
{
- SSL_renegotiate(port->ssl);
+ SSL_set_session_id_context(port->ssl, (void *)&SSL_context, sizeof(SSL_context));
+
+ if (SSL_renegotiate(port->ssl) <= 0)
+ elog(COMMERROR, "SSL renegotiation failure");
+ if (SSL_do_handshake(port->ssl) <= 0)
+ elog(COMMERROR, "SSL renegotiation failure");
+ port->ssl->state=SSL_ST_ACCEPT;
+ if (SSL_do_handshake(port->ssl) <= 0)
+ elog(COMMERROR, "SSL renegotiation failure");
port->count = 0;
}
port->count += n;
break;
case SSL_ERROR_WANT_WRITE:
+ n = secure_read(port, ptr, len);
break;
case SSL_ERROR_SYSCALL:
if (n == -1)
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.19 2003/01/08 22:56:58 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.20 2003/01/08 23:18:25 momjian Exp $
*
* NOTES
* The client *requires* a valid server certificate. Since
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_READ:
+ n = pqsecure_read(conn, ptr, len);
break;
case SSL_ERROR_SYSCALL:
if (n == -1)
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_WRITE:
+ n = pqsecure_write(conn, ptr, len);
break;
case SSL_ERROR_SYSCALL:
if (n == -1)
projects / users / bernd / postgres.git / commitdiff