Treat clean shutdown of an SSL connection same as the non-SSL case.

If the client closes an SSL connection, treat it the same as EOF on a
non-SSL connection. In particular, don't write a message in the log about
that.

Michael Paquier.

Discussion: https://www.postgresql.org/message-id/CAB7nPqSfyVV42Q2acFo%[email protected]

1 files changed, 11 insertions, 3 deletions

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 036d58a24e..67145e9412 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -688,11 +688,13 @@ be_tls_read(Port *port, void *ptr, size_t len, int *waitfor)
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
 					 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-			/* fall through */
-		case SSL_ERROR_ZERO_RETURN:
 			errno = ECONNRESET;
 			n = -1;
 			break;
+		case SSL_ERROR_ZERO_RETURN:
+			/* connection was cleanly shut down by peer */
+			n = 0;
+			break;
 		default:
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
@@ -748,8 +750,14 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
 			ereport(COMMERROR,
 					(errcode(ERRCODE_PROTOCOL_VIOLATION),
 					 errmsg("SSL error: %s", SSLerrmessage(ecode))));
-			/* fall through */
+			errno = ECONNRESET;
+			n = -1;
+			break;
 		case SSL_ERROR_ZERO_RETURN:
+			/*
+			 * the SSL connnection was closed, leave it to the caller
+			 * to ereport it
+			 */
 			errno = ECONNRESET;
 			n = -1;
 			break;