From 538724fc36e05339ea3734f1b886a67398fce71a Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Tue, 30 Nov 2021 23:23:57 +0100 Subject: [PATCH] Extend the private key stat checking error handling If the stat operation on the private key failed, the code assumed it was due to an ENOENT, which may or may not be true. Extend the check by printing a different error message on non-ENOENT errors for easier debugging. Per suggestion by Tom Lane due to an issue with the fairywren animal in the buildfarm. Discussion: https://postgr.es/m/1632478.1638305700@sss.pgh.pa.us --- src/interfaces/libpq/fe-secure-openssl.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c index a90d891c6c..33f095c12e 100644 --- a/src/interfaces/libpq/fe-secure-openssl.c +++ b/src/interfaces/libpq/fe-secure-openssl.c @@ -1235,9 +1235,14 @@ initialize_SSL(PGconn *conn) if (stat(fnbuf, &buf) != 0) { - appendPQExpBuffer(&conn->errorMessage, - libpq_gettext("certificate present, but not private key file \"%s\"\n"), - fnbuf); + if (errno == ENOENT) + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("certificate present, but not private key file \"%s\"\n"), + fnbuf); + else + appendPQExpBuffer(&conn->errorMessage, + libpq_gettext("could not stat private key file \"%s\": %m\n"), + fnbuf); return -1; } #ifndef WIN32