Fix error handling in be_tls_open_server()

Sergey Shinderuk <s.shinderuk@postgrespro.ru>

From: Sergey Shinderuk <s.shinderuk@postgrespro.ru>
To: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2023-08-01T14:44:13Z
Lists: pgsql-hackers

Attachments

Hi,

A static analyzer reported a possible pfree(NULL) in 
be_tls_open_server(). Here is a fix. Also handle an error from 
X509_NAME_print_ex().

AFAICS, the error "SSL certificate's distinguished name contains 
embedded null" could not be reached at all, because XN_FLAG_RFC2253 
passed to X509_NAME_print_ex() ensures that null bytes are escaped.

Best regards,

-- 
Sergey Shinderuk		https://postgrespro.com/

Commits

  1. Avoid potential pfree on NULL on OpenSSL errors