Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1whr33-000SMz-01 for pgsql-hackers@arkaria.postgresql.org; Thu, 09 Jul 2026 15:52:25 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1whr30-00DmJq-0T for pgsql-hackers@arkaria.postgresql.org; Thu, 09 Jul 2026 15:52:22 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1whr2z-00DmJc-2Q for pgsql-hackers@lists.postgresql.org; Thu, 09 Jul 2026 15:52:22 +0000 Received: from lahtoruutu.iki.fi ([2a0b:5c81:1c1::37]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1whr2x-00000000V8L-3Lo7 for pgsql-hackers@lists.postgresql.org; Thu, 09 Jul 2026 15:52:22 +0000 Received: from [10.0.2.15] (unknown [130.41.208.2]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: hlinnaka) by lahtoruutu.iki.fi (Postfix) with ESMTPSA id 4gwzxB3ssBz49Px6; Thu, 09 Jul 2026 18:52:14 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1783612335; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=a0breiPd4teDJ9AoLDbBRLHeYGD5ubhqul+L9r50Hcw=; b=e8djEiXXxjL9fi2NYjuPIA9UYbRp2VZgajhl/y+qqjMAyTlwO4VOzoG/gMu1T10wKUpqVP M1Z6TsmIUoeTNYi66Zsd6WxDxwB7jm4blQ027n7N8kDmUgE05AATVPcUByuswwVneuVyPv mL6pIJKnDwHo+CH2FTR05jpjsidRFjgMvZO5QxgdGXnAQVNHFuYJG1LCzOMnpY8KWSDAiA 4nT5Thz8tWPZq6xsSesUMOyDw5Ok0I8hz0KD4CwFSwJ5JZZVcn2dvVYTYr/wbmDtFfQyYo IKU3RotIxuSfhVdKVNWBiyC+30CxuXWMA9L/6xN4b/AQrtVef9DdfHgpwA2MQg== ARC-Seal: i=1; a=rsa-sha256; d=iki.fi; s=lahtoruutu; cv=none; t=1783612335; b=TjmiNs1I8GubnpdgswPKFySeIsEnZAivSdZxqN9lv8aWhIn6VvHdjtD1CmPzFwFsm1sYAb XdvWJqkfFm+i0Uzsxk+SFXU8Mio24UPVznmQ8gBHl49vuqynosbEB1yAFBRTjA/BSIXawT tdO5ViAOsa0X509qtU0yDpcKPJ+9DNyWKXpBXvzRTPGeqgst3p2FOnudQQS8ZMeT2eBYyn HogeL3ULGqXDmnLc20PaGV0r1BVZDWxvU6FLP67zPdhLHhzp6AVWvsJjq2n3kvRXmhiDTB uaeEYxF4WKkRRtyhEX6moLVDgBmhf+ianh9+/fCZAQpPDR+Lf2nth/nobTYAHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1783612335; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=a0breiPd4teDJ9AoLDbBRLHeYGD5ubhqul+L9r50Hcw=; b=C/mDLCziv2nuM8zMg26zBy3JBqkUKOBLvEkqDPBc82GZ80u7FFqXYcSjW/wRQAUH38F+/Y i+Si+HkConkbGUj0DK9oMMwZIUa9PXgIES8J6iR/bkJl3Vf3re9ObPt2KF5rqoFRI4SMFb DGLWLPlmKHohf9a8T60E08OIvdMKAswiy/pLx+KttxCro6b21ERFWfLud9X0jegJ+rwVxV ZAEcpogdTdajLrtVnlJHhT+oyuAn7MY28gM9KIrfu/QL1g2geoGiFy9uLLmuO/oT9vatqL mHTdC93qL4J36+LKnN4EYTK5ai1D/XEhM/1LE798gpIwVuiy7rour/Fdxxzp2Q== ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=hlinnaka smtp.mailfrom=hlinnaka@iki.fi Message-ID: <1f35da9d-be6a-49df-9c56-e24c914c85a1@iki.fi> Date: Thu, 9 Jul 2026 18:52:12 +0300 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: libpq: Process buffered SSL read bytes to support records >8kB on async API From: Heikki Linnakangas To: Peter Eisentraut , solai v , Jacob Champion , Daniel Gustafsson Cc: Mark Dilger , Andres Freund , Lars Kanis , pgsql-hackers@lists.postgresql.org, Merlin Moncure References: <2039ac58-d3e0-434b-ac1a-2a987f3b4cb1@greiz-reinsdorf.de> <57d1e8b1-d016-4cea-9b60-63cbdb40eb81@iki.fi> <990a4710-fed1-411a-aba4-ddc25825ee48@iki.fi> <34844e8c-267c-4daf-b1e0-f26059a4a7d3@eisentraut.org> <4cdfc0dc-9f66-4113-ad00-6e7a2cfa7211@iki.fi> Content-Language: en-US In-Reply-To: <4cdfc0dc-9f66-4113-ad00-6e7a2cfa7211@iki.fi> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 09/07/2026 15:55, Heikki Linnakangas wrote: > On 08/07/2026 22:16, Peter Eisentraut wrote: >> In pqDrainPending(), there is >> >>      nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd, >>                            bytes_pending); >>      conn->inEnd += nread; >> >> But pqsecure_read() can return -1 for error.  So adding that to conn- >>  >inEnd at that point seems wrong. >> >> There is error handling in the following code, but this would still >> kind of corrupt the conn->inEnd value? >> >>      /* When there are bytes pending, the read function is not >> supposed to fail */ >>      if (nread != bytes_pending) >>      { >>          libpq_append_conn_error(conn, >>                                  "drained only %zu of %zd pending >> bytes in transport buffer", >>                                  nread, bytes_pending); >>          return -1; >>      } >> >> I'm not sure if that comment means that a -1 return cannot happen?  Or >> just that the whole error check should not happen? > > The comment in pgsecure_bytes_pending() says: > >>  * If pqsecure_read() is called for this number of bytes, it's >> guaranteed to >>  * return successfully without reading from the underlying socket.  See >>  * pqDrainPending() for a more complete discussion of the concepts >> involved. > > so as long as pqsecure_read() and pqsecure_read_pending() honor that > contract, pqsecure_read() should not return an error. I agree that's a > bit sloppy though, we should still check the return value. > > The intention was also that it cannot do a short read, but that wasn't > quite clear from the comment either. > >> Also note that the format placeholder for nread is wrong.  If you do >> get a -1, it will print some large unsigned value. > > Good catch. > > Patch attached to clean up all that. Committed that, and Daniel's #include fix for LibreSSL too. - Heikki