Treat clean shutdown of an SSL connection same as the non-SSL case.

If the client closes an SSL connection, treat it the same as EOF on a
non-SSL connection. In particular, don't write a message in the log about
that.

Michael Paquier.

Discussion: https://www.postgresql.org/message-id/CAB7nPqSfyVV42Q2acFo%[email protected]

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 3a39cb7dc6b64da2e70767d8ae54c1c5b775de86..2ff9d1cf857c41147030017f64437193c8372ed7 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -582,11 +582,13 @@ be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
            ereport(COMMERROR,
                    (errcode(ERRCODE_PROTOCOL_VIOLATION),
                     errmsg("SSL error: %s", SSLerrmessage(ecode))));
-           /* fall through */
-       case SSL_ERROR_ZERO_RETURN:
            errno = ECONNRESET;
            n = -1;
            break;
+       case SSL_ERROR_ZERO_RETURN:
+           /* connection was cleanly shut down by peer */
+           n = 0;
+           break;
        default:
            ereport(COMMERROR,
                    (errcode(ERRCODE_PROTOCOL_VIOLATION),
@@ -642,8 +644,14 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
            ereport(COMMERROR,
                    (errcode(ERRCODE_PROTOCOL_VIOLATION),
                     errmsg("SSL error: %s", SSLerrmessage(ecode))));
-           /* fall through */
+           errno = ECONNRESET;
+           n = -1;
+           break;
        case SSL_ERROR_ZERO_RETURN:
+           /*
+            * the SSL connnection was closed, leave it to the caller
+            * to ereport it
+            */
            errno = ECONNRESET;
            n = -1;
            break;