Send close_notify TLS alert on connection shutdown (#5995)

vonzshik · web-flow · commit e8664e596d9a · 2025-02-04T11:41:00.000Z
Fixes #5994
diff --git a/src/Npgsql/Internal/NpgsqlConnector.cs b/src/Npgsql/Internal/NpgsqlConnector.cs
@@ -2189,10 +2189,25 @@ void FullCleanup()
     /// Closes the socket and cleans up client-side resources associated with this connector.
     /// </summary>
     /// <remarks>
-    /// This method doesn't actually perform any meaningful I/O, and therefore is sync-only.
+    /// This method doesn't actually perform any meaningful I/O (except sending TLS alert), and therefore is sync-only.
     /// </remarks>
     void Cleanup()
     {
+        if (_stream is SslStream sslStream)
+        {
+            try
+            {
+                // Send close_notify TLS alert to correctly close connection on postgres's side
+                sslStream.ShutdownAsync().GetAwaiter().GetResult();
+                // Theoretically we should do a 0 read here to receive server's close_notify alert
+                // But overall it doesn't look like it makes much of a difference
+            }
+            catch
+            {
+                // ignored
+            }
+        }
+
         try
         {
             _stream?.Dispose();
