- Squelch SSL read and write connection reset by peer and broken pipe

  messages.  Verbosity 2 and higher enables them.

git-svn-id: file:///svn/unbound/trunk@5158 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 253a1429f547dad422acfb7f937da43a196c990b..acaa42b9b3599e3de4efcb6695da6c02311bdb6d 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -7,6 +7,8 @@
          SOA serial probes.  This fixes that probes fail because earlier
          probe addresses are unreachable.
        - Fix that auth zone fails over to next master for timeout in tcp.
+       - Squelch SSL read and write connection reset by peer and broken pipe 
+         messages.  Verbosity 2 and higher enables them.
 
 8 April 2019: Wouter
        - Fix to use event_assign with libevent for thread-safety.

diff --git a/util/netevent.c b/util/netevent.c
index 65ada7f7a6065f388c22082ef64f565375fd146c..17b3f2a4938c419b4db49219879272a4c453535e 100644 (file)
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -1192,6 +1192,10 @@ ssl_handle_read(struct comm_point* c)
                                comm_point_listen_for_rw(c, 0, 1);
                                return 1;
                        } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef ECONNRESET
+                               if(errno == ECONNRESET && verbosity < 2)
+                                       return 0; /* silence reset by peer */
+#endif
                                if(errno != 0)
                                        log_err("SSL_read syscall: %s",
                                                strerror(errno));
@@ -1236,6 +1240,10 @@ ssl_handle_read(struct comm_point* c)
                                comm_point_listen_for_rw(c, 0, 1);
                                return 1;
                        } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef ECONNRESET
+                               if(errno == ECONNRESET && verbosity < 2)
+                                       return 0; /* silence reset by peer */
+#endif
                                if(errno != 0)
                                        log_err("SSL_read syscall: %s",
                                                strerror(errno));
@@ -1303,6 +1311,10 @@ ssl_handle_write(struct comm_point* c)
                                ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE);
                                return 1; /* write more later */
                        } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef EPIPE
+                               if(errno == EPIPE && verbosity < 2)
+                                       return 0; /* silence 'broken pipe' */
+#endif
                                if(errno != 0)
                                        log_err("SSL_write syscall: %s",
                                                strerror(errno));
@@ -1337,6 +1349,10 @@ ssl_handle_write(struct comm_point* c)
                        ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE);
                        return 1; /* write more later */
                } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef EPIPE
+                       if(errno == EPIPE && verbosity < 2)
+                               return 0; /* silence 'broken pipe' */
+#endif
                        if(errno != 0)
                                log_err("SSL_write syscall: %s",
                                        strerror(errno));
@@ -1834,6 +1850,10 @@ ssl_http_read_more(struct comm_point* c)
                        comm_point_listen_for_rw(c, 0, 1);
                        return 1;
                } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef ECONNRESET
+                       if(errno == ECONNRESET && verbosity < 2)
+                               return 0; /* silence reset by peer */
+#endif
                        if(errno != 0)
                                log_err("SSL_read syscall: %s",
                                        strerror(errno));
@@ -2282,6 +2302,10 @@ ssl_http_write_more(struct comm_point* c)
                } else if(want == SSL_ERROR_WANT_WRITE) {
                        return 1; /* write more later */
                } else if(want == SSL_ERROR_SYSCALL) {
+#ifdef EPIPE
+                       if(errno == EPIPE && verbosity < 2)
+                               return 0; /* silence 'broken pipe' */
+#endif
                        if(errno != 0)
                                log_err("SSL_write syscall: %s",
                                        strerror(errno));