From f73382877e3ec2ff4b3fcedfd2566ccd90ef3e1c Mon Sep 17 00:00:00 2001 From: Heikki Linnakangas Date: Mon, 3 Jul 2017 14:51:51 +0300 Subject: [PATCH] Treat clean shutdown of an SSL connection same as the non-SSL case. If the client closes an SSL connection, treat it the same as EOF on a non-SSL connection. In particular, don't write a message in the log about that. Michael Paquier. Discussion: https://www.postgresql.org/message-id/CAB7nPqSfyVV42Q2acFo%3DvrvF2gxoZAMJLAPq3S3KkjhZAYi7aw@mail.gmail.com --- src/backend/libpq/be-secure-openssl.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c index 3a39cb7dc6b..2ff9d1cf857 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -582,11 +582,13 @@ be_tls_read(Port *port, void *ptr, size_t len, int *waitfor) ereport(COMMERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("SSL error: %s", SSLerrmessage(ecode)))); - /* fall through */ - case SSL_ERROR_ZERO_RETURN: errno = ECONNRESET; n = -1; break; + case SSL_ERROR_ZERO_RETURN: + /* connection was cleanly shut down by peer */ + n = 0; + break; default: ereport(COMMERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), @@ -642,8 +644,14 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor) ereport(COMMERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("SSL error: %s", SSLerrmessage(ecode)))); - /* fall through */ + errno = ECONNRESET; + n = -1; + break; case SSL_ERROR_ZERO_RETURN: + /* + * the SSL connnection was closed, leave it to the caller + * to ereport it + */ errno = ECONNRESET; n = -1; break;