SSL renegotiation is broken - Mailing list pgsql-jdbc

From Albe Laurenz
Subject SSL renegotiation is broken
Msg-id A737B7A37273E048B164557ADEF4A58B3659A311@ntex2010i.host.magwien.gv.at
Responses Re: SSL renegotiation is broken  (Heikki Linnakangas <hlinnakangas@vmware.com>)
List pgsql-jdbc
It seems that SSL renegotiation between the JDBC driver and
the PostgreSQL server is broken and has been forever, or at least
for a while.

I tried this test program:

public class PGConn {
    public static void main(String[] args) throws ClassNotFoundException, java.sql.SQLException, java.io.IOException {
        Class.forName("org.postgresql.Driver");
        // Connect over SSL; NonValidatingFactory skips server certificate validation.
        java.sql.Connection conn = java.sql.DriverManager.getConnection(
            "jdbc:postgresql://hostname/dbname?user=me&password=pwd&ssl&sslfactory=org.postgresql.ssl.NonValidatingFactory");
        java.sql.Statement stmt = conn.createStatement();
        // Have the server renegotiate after 3 kB of traffic on this session.
        stmt.execute("SET ssl_renegotiation_limit='3kB'");
        // Each SELECT returns 9000 bytes, more than the limit set above.
        System.out.println("First SELECT.");
        stmt.executeQuery("SELECT repeat('0123456789', 900)").close();
        System.out.println("Second SELECT.");
        stmt.executeQuery("SELECT repeat('0123456789', 900)").close();
        conn.close();
        System.out.println("Done.");
    }
}

The result is:

First SELECT.
Second SELECT.
Exception in thread "main" org.postgresql.util.PSQLException: An I/O error occurred while sending to the backend.
    at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:283)
    at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:570)
    at org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:406)
    at org.postgresql.jdbc2.AbstractJdbc2Statement.executeQuery(AbstractJdbc2Statement.java:286)
    at PGConn.main(PGConn.java:19)
Caused by: javax.net.ssl.SSLException: Received fatal alert: unexpected_message
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1725)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:970)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:341)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
    at org.postgresql.core.VisibleBufferedInputStream.readMore(VisibleBufferedInputStream.java:143)
    at org.postgresql.core.VisibleBufferedInputStream.ensureBytes(VisibleBufferedInputStream.java:112)
    at org.postgresql.core.VisibleBufferedInputStream.read(VisibleBufferedInputStream.java:71)
    at org.postgresql.core.PGStream.ReceiveChar(PGStream.java:282)
    at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1803)
    at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:255)
    ... 4 more

I can reproduce this with the following software versions:
Client side:
   Windows, JDBC driver postgresql-9.1-901.jdbc4, java full version "1.7.0_71-b14"
   Linux, JDBC driver postgresql-9.4-1200.jdbc41, java full version "1.7.0_75-mockbuild_2015_01_08_20_32-b00"
Server side:
   Windows: PostgreSQL 9.4.0 with OpenSSL 1.0.1j
   Linux: PostgreSQL 9.3.6, 9.4.1, git HEAD with OpenSSL 1.0.1e

All of these Java and OpenSSL versions are recent enough to adhere to RFC 5746.

There must be a software bug somewhere.
I am trying to debug this, but don't know a lot about TLS, so
if somebody can shed light on this, I'd be grateful.

Yours,
Laurenz Albe
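
A triage helper for traces like the one in this message, added here as an example and not part of the original post: it walks the "Caused by" chain, extracts the TLS alert name, and flags the case where handshake code ran nested inside an application-data read, which is what a renegotiation on an established connection looks like in the trace above. The frame-name heuristic and the `performInitialHandshake`/`startHandshake` exclusion are assumptions based on the Sun JSSE class names visible in this trace.

```python
import re

# Constructed sample: abridged from the stack trace quoted in the message above.
SAMPLE_TRACE = """\
Exception in thread "main" org.postgresql.util.PSQLException: An I/O error occurred while sending to the backend.
    at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:283)
Caused by: javax.net.ssl.SSLException: Received fatal alert: unexpected_message
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:970)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
    at org.postgresql.core.PGStream.ReceiveChar(PGStream.java:282)
"""

FRAME = re.compile(r"^\s*at\s+([\w.$]+)\.([\w$<>]+)\(")
HEADER = re.compile(
    r'^(?:Caused by: |Exception in thread "[^"]*" )?([\w.$]+(?:Exception|Error)): (.*)$')
ALERT = re.compile(r"Received fatal alert: (\w+)")
# Assumption: JSSE method names that indicate the first handshake, not a renegotiation.
INITIAL = ("performInitialHandshake", "startHandshake")

def parse_trace(text):
    """Split a Java stack trace into (exception, message, frames) sections."""
    sections = []
    for line in text.splitlines():
        m = FRAME.match(line)
        if m and sections:
            sections[-1][2].append(f"{m.group(1)}.{m.group(2)}")
            continue
        m = HEADER.match(line)
        if m:
            sections.append((m.group(1), m.group(2), []))
    return sections

def classify(text):
    """Describe the first javax.net.ssl exception in the chain, or return None."""
    for exc, msg, frames in parse_trace(text):
        if not exc.startswith("javax.net.ssl."):
            continue
        alert = ALERT.search(msg)
        # Frames are innermost first: a handshaker frame listed before
        # AppInputStream.read means the handshake ran inside a data read.
        app = next((i for i, f in enumerate(frames) if f.endswith("AppInputStream.read")), None)
        hs = next((i for i, f in enumerate(frames) if "Handshaker." in f), None)
        initial = any(f.endswith(INITIAL) for f in frames)
        nested = app is not None and hs is not None and hs < app and not initial
        return {"exception": exc, "alert": alert.group(1) if alert else None,
                "handshake_during_app_read": nested}
    return None
```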
