Treat clean shutdown of an SSL connection same as the non-SSL case.

hlinnaka · hlinnaka · commit 543e00bc1f06 · 2017-07-03T14:53:10.000+03:00
If the client closes an SSL connection, treat it the same as EOF on a non-SSL connection. In particular, don't write a message in the log about that. Michael Paquier. Discussion: https://www.postgresql.org/message-id/CAB7nPqSfyVV42Q2acFo%3DvrvF2gxoZAMJLAPq3S3KkjhZAYi7aw@mail.gmail.com
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
@@ -289,11 +289,13 @@ secure_read(Port *port, void *ptr, size_t len)
 				ereport(COMMERROR,
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-				/* fall through */
-			case SSL_ERROR_ZERO_RETURN:
 				errno = ECONNRESET;
 				n = -1;
 				break;
+			case SSL_ERROR_ZERO_RETURN:
+				/* connection was cleanly shut down by peer */
+				n = 0;
+				break;
 			default:
 				ereport(COMMERROR,
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
@@ -414,8 +416,14 @@ secure_write(Port *port, void *ptr, size_t len)
 				ereport(COMMERROR,
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-				/* fall through */
+				errno = ECONNRESET;
+				n = -1;
+				break;
 			case SSL_ERROR_ZERO_RETURN:
+				/*
+				 * the SSL connnection was closed, leave it to the caller
+				 * to ereport it
+				 */
 				errno = ECONNRESET;
 				n = -1;
 				break;
