postgres
diff --git a/‎src/backend/libpq/be-secure.c
Copy file name to clipboardExpand all lines: src/backend/libpq/be-secure.c
+21-16Lines changed: 21 additions & 16 deletions b/‎src/backend/libpq/be-secure.c
Copy file name to clipboardExpand all lines: src/backend/libpq/be-secure.c
+21-16Lines changed: 21 additions & 16 deletions
diff --git a/‎src/backend/tcop/postgres.c
Copy file name to clipboardExpand all lines: src/backend/tcop/postgres.c
+6Lines changed: 6 additions & 0 deletions b/‎src/backend/tcop/postgres.c
Copy file name to clipboardExpand all lines: src/backend/tcop/postgres.c
+6Lines changed: 6 additions & 0 deletions
@@ -295,6 +295,7 @@ secure_read(Port *port, void *ptr, size_t len)
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("unrecognized SSL error code: %d",
 								err)));
+				errno = ECONNRESET;
 				n = -1;
 				break;
 		}
@@ -416,28 +417,32 @@ secure_write(Port *port, void *ptr, size_t len)
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("unrecognized SSL error code: %d",
 								err)));
+				errno = ECONNRESET;
 				n = -1;
 				break;
 		}
 
-		/* is renegotiation complete? */
-		if (in_ssl_renegotiation &&
-			SSL_num_renegotiations(port->ssl) >= 1)
+		if (n >= 0)
 		{
-			in_ssl_renegotiation = false;
-			port->count = 0;
-		}
+			/* is renegotiation complete? */
+			if (in_ssl_renegotiation &&
+				SSL_num_renegotiations(port->ssl) >= 1)
+			{
+				in_ssl_renegotiation = false;
+				port->count = 0;
+			}
 
-		/*
-		 * if renegotiation is still ongoing, and we've gone beyond the limit,
-		 * kill the connection now -- continuing to use it can be considered a
-		 * security problem.
-		 */
-		if (in_ssl_renegotiation &&
-			port->count > ssl_renegotiation_limit * 1024L)
-			ereport(FATAL,
-					(errcode(ERRCODE_PROTOCOL_VIOLATION),
-					 errmsg("SSL failed to renegotiate connection before limit expired")));
+			/*
+			 * if renegotiation is still ongoing, and we've gone beyond the
+			 * limit, kill the connection now -- continuing to use it can be
+			 * considered a security problem.
+			 */
+			if (in_ssl_renegotiation &&
+				port->count > ssl_renegotiation_limit * 1024L)
+				ereport(FATAL,
+						(errcode(ERRCODE_PROTOCOL_VIOLATION),
+						 errmsg("SSL failed to renegotiate connection before limit expired")));
+		}
 	}
 	else
 #endif
 
@@ -526,16 +526,22 @@ prepare_for_client_read(void)
 
 /*
  * client_read_ended -- get out of the client-input state
+ *
+ * This is called just after low-level reads.  It must preserve errno!
  */
 void
 client_read_ended(void)
 {
 	if (DoingCommandRead)
 	{
+		int			save_errno = errno;
+
 		ImmediateInterruptOK = false;
 
 		DisableNotifyInterrupt();
 		DisableCatchupInterrupt();
+
+		errno = save_errno;
 	}
 }
Original file line number	Diff line number	Diff line change
`@@ -526,16 +526,22 @@ prepare_for_client_read(void)`
`526`	`526`
`527`	`527`	`/*`
`528`	`528`	`* client_read_ended -- get out of the client-input state`
	`529`	`+ *`
	`530`	`+ * This is called just after low-level reads. It must preserve errno!`
`529`	`531`	`*/`
`530`	`532`	`void`
`531`	`533`	`client_read_ended(void)`
`532`	`534`	`{`
`533`	`535`	`if (DoingCommandRead)`
`534`	`536`	`{`
	`537`	`+ int save_errno = errno;`
	`538`	`+`
`535`	`539`	`ImmediateInterruptOK = false;`
`536`	`540`
`537`	`541`	`DisableNotifyInterrupt();`
`538`	`542`	`DisableCatchupInterrupt();`
	`543`	`+`
	`544`	`+ errno = save_errno;`
`539`	`545`	`}`
`540`	`546`	`}`
`541`	`547`