Andres Freund <and...@anarazel.de> writes: > On 2023-12-08 10:05:09 -0500, Tom Lane wrote: >> ... there was already opinion upthread that this should be on by >> default, which I agree with. You shouldn't be hitting cases like >> this commonly (if so, they're bugs to fix or the errcode should be >> rethought), and the failure might be pretty hard to reproduce.
> FWIW, I did some analysis on aggregated logs on a larger number of machines, > and it does look like that'd be a measurable increase in log volume. There are > a few voluminous internal errors in core, but the bigger issue is > extensions. They are typically much less disciplined about assigning error > codes than core PG is. Well, I don't see much wrong with making a push to assign error codes to more calls. We've had other discussions about doing that. Certainly these SSL failures are not "internal" errors. > could not accept SSL connection: %m - with zero errno > ... > I'm a bit confused about the huge number of "could not accept SSL connection: > %m" with a zero errno. I guess we must be clearing errno somehow, but I don't > immediately see where. Or perhaps we need to actually look at what > SSL_get_error() returns? Hmm, don't suppose you have a way to reproduce that? regards, tom lane