Based on this report, I have developed the attached patch. Is this OK?
The idea is not to call SSL_shutdown() if errno == ECONNRESET.
---------------------------------------------------------------------------
Алексей Заяц wrote:
> Hi.
>
> > I would argue that this is an OpenSSL bug: it should not be trying to
> > write on a connection that it knows perfectly well is already dead.
> > (It should know that, anyway, because the only way that pqReadData would
> > be trying to close the connection is that it got an error indication
> > from OpenSSL.)
> May be, may be...
>
> > Possibly we could work around the problem by disabling SIGPIPE during
> > connection close, but I don't really see why we should have to do that.
> While take a look at source of libpq, i have discover following:
> while reading from pipe, you are getting
> case SSL_ERROR_ZERO_RETURN:
> SOCK_ERRNO_SET(ECONNRESET);
> but why you'r do not check
> SOCK_ERRNO != ECONNRESET
> while closing ssl connection ?
>
> i was trying this and all is work fine.
>
> In function close_SSL you are call SSL_shutdown to shutdown ssl pipe.
> But if you are already get ECONNRESET (by pear?), why you call whi funtcion?
>
> >From openssl docs.
> SSL_shutdown - shuts down an active TLS/SSL connection. It sends the ``close
> notify'' shutdown alert to the peer.
>
> That's why i've got SIGPIPE.
>
> > That's pretty much a waste of time, because all it tells you is whether
> > the connection was good the last time a query was done. It is *not*
> > intended as an active "ping".
> Ok, i'll take it in my mind.
>
> Alexey Zayats.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/docs/faq
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
Index: src/interfaces/libpq/fe-secure.c
===================================================================
RCS file: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v
retrieving revision 1.92
diff -c -c -r1.92 fe-secure.c
*** src/interfaces/libpq/fe-secure.c 8 Feb 2007 11:10:27 -0000 1.92
--- src/interfaces/libpq/fe-secure.c 14 Feb 2007 04:00:36 -0000
***************
*** 976,982 ****
{
if (conn->ssl)
{
! SSL_shutdown(conn->ssl);
SSL_free(conn->ssl);
conn->ssl = NULL;
}
--- 976,983 ----
{
if (conn->ssl)
{
! if (SOCK_ERRNO != ECONNRESET)
! SSL_shutdown(conn->ssl);
SSL_free(conn->ssl);
conn->ssl = NULL;
}