From: Heikki Linnakangas <heikki.linnakangas@iki.fi>
Date: Mon, 3 Jul 2017 11:51:51 +0000 (+0300)
Subject: Treat clean shutdown of an SSL connection same as the non-SSL case.
X-Git-Tag: REL9_6_4~64
X-Git-Url: http://git.postgresql.org/gitweb/?a=commitdiff_plain;h=f73382877e3ec2ff4b3fcedfd2566ccd90ef3e1c;p=postgresql.git

Treat clean shutdown of an SSL connection same as the non-SSL case.

If the client closes an SSL connection, treat it the same as EOF on a
non-SSL connection. In particular, don't write a message in the log about
that.

Michael Paquier.

Discussion: https://www.postgresql.org/message-id/CAB7nPqSfyVV42Q2acFo%3DvrvF2gxoZAMJLAPq3S3KkjhZAYi7aw@mail.gmail.com
---

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 3a39cb7dc6b..2ff9d1cf857 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -582,11 +582,13 @@ be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
 					 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-			/* fall through */
-		case SSL_ERROR_ZERO_RETURN:
 			errno = ECONNRESET;
 			n = -1;
 			break;
+		case SSL_ERROR_ZERO_RETURN:
+			/* connection was cleanly shut down by peer */
+			n = 0;
+			break;
 		default:
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
@@ -642,8 +644,14 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
 					 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-			/* fall through */
+			errno = ECONNRESET;
+			n = -1;
+			break;
 		case SSL_ERROR_ZERO_RETURN:
+			/*
+			 * the SSL connnection was closed, leave it to the caller
+			 * to ereport it
+			 */
 			errno = ECONNRESET;
 			n = -1;
 			break;