On Fri, Apr 8, 2016 at 10:23 AM, Peter Eisentraut <peter_e@gmx.net> wrote:
> On 04/07/2016 03:47 AM, Michael Paquier wrote:
>>
>> I have looked at this patch. Do we need to worry as well about
>> SSL_shutdown in disconnection code path? I believe that we don't care
>> much if an error happens at this point but we surely should consume
>> any error generated because the SSL context is kept after
>> destroy_ssl_system and another connection attempt may be done using
>> the same SSL context, no?
>
>
> But we are the only user of our SSL context, and we clear the error before
> every call we make (with this patch). The clean up afterwards is only if
> someone else is also using SSL in the same process, and they won't use our
> SSL context.
Argh, yes. Because SSL_free() is directly used. I should read those
docs more carefully.
--
Michael