Mercurial > hg > nginx-vendor-current
comparison src/event/ngx_event_openssl.c @ 138:8e6d4d96ec4c NGINX_0_3_16
nginx 0.3.16
*) Feature: the ngx_http_map_module.
*) Feature: the "types_hash_max_size" and "types_hash_bucket_size"
directives.
*) Feature: the "ssi_value_length" directive.
*) Feature: the "worker_rlimit_core" directive.
*) Workaround: the connection number in logs was always 1 if nginx was
built by the icc 8.1 or 9.0 compilers with optimization for
Pentium 4.
*) Bugfix: the "config timefmt" SSI command set incorrect time format.
*) Bugfix: nginx did not close connection to IMAP/POP3 backend for the
SSL connections; bug appeared in 0.3.13.
Thanks to Rob Mueller.
*) Bugfix: segmentation fault may occurred in at SSL shutdown; bug
appeared in 0.3.13.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Fri, 16 Dec 2005 00:00:00 +0300 |
| parents | 91372f004adf |
| children | 55a211e5eeb7 |
comparison
equal
deleted
inserted
replaced
| 137:768f51dd150b | 138:8e6d4d96ec4c |
|---|---|
| 538 return NGX_AGAIN; | 538 return NGX_AGAIN; |
| 539 } | 539 } |
| 540 | 540 |
| 541 c->ssl->no_wait_shutdown = 1; | 541 c->ssl->no_wait_shutdown = 1; |
| 542 c->ssl->no_send_shutdown = 1; | 542 c->ssl->no_send_shutdown = 1; |
| 543 c->read->eof = 1; | |
| 543 | 544 |
| 544 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { | 545 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { |
| 545 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 546 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 546 "peer shutdown SSL cleanly"); | 547 "peer shutdown SSL cleanly"); |
| 547 return NGX_DONE; | 548 return NGX_DONE; |
| 812 } | 813 } |
| 813 | 814 |
| 814 SSL_set_shutdown(c->ssl->connection, mode); | 815 SSL_set_shutdown(c->ssl->connection, mode); |
| 815 | 816 |
| 816 again = 0; | 817 again = 0; |
| 817 #if (NGX_SUPPRESS_WARN) | |
| 818 sslerr = 0; | 818 sslerr = 0; |
| 819 #endif | |
| 820 | 819 |
| 821 for ( ;; ) { | 820 for ( ;; ) { |
| 822 n = SSL_shutdown(c->ssl->connection); | 821 n = SSL_shutdown(c->ssl->connection); |
| 823 | 822 |
| 824 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); | 823 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); |
| 843 | 842 |
| 844 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 843 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 845 "SSL_get_error: %d", sslerr); | 844 "SSL_get_error: %d", sslerr); |
| 846 } | 845 } |
| 847 | 846 |
| 848 if (again || sslerr == SSL_ERROR_WANT_READ) { | 847 if (again |
| 849 | 848 || sslerr == SSL_ERROR_WANT_READ |
| 850 ngx_add_timer(c->read, 30000); | 849 || sslerr == SSL_ERROR_WANT_WRITE) |
| 851 | 850 { |
| 852 c->read->handler = ngx_ssl_shutdown_handler; | 851 c->read->handler = ngx_ssl_shutdown_handler; |
| 852 c->write->handler = ngx_ssl_shutdown_handler; | |
| 853 | 853 |
| 854 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { | 854 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { |
| 855 return NGX_ERROR; | 855 return NGX_ERROR; |
| 856 } | 856 } |
| 857 | 857 |
| 858 return NGX_AGAIN; | |
| 859 } | |
| 860 | |
| 861 if (sslerr == SSL_ERROR_WANT_WRITE) { | |
| 862 | |
| 863 c->write->handler = ngx_ssl_shutdown_handler; | |
| 864 | |
| 865 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { | 858 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { |
| 866 return NGX_ERROR; | 859 return NGX_ERROR; |
| 860 } | |
| 861 | |
| 862 if (again || sslerr == SSL_ERROR_WANT_READ) { | |
| 863 ngx_add_timer(c->read, 30000); | |
| 867 } | 864 } |
| 868 | 865 |
| 869 return NGX_AGAIN; | 866 return NGX_AGAIN; |
| 870 } | 867 } |
| 871 | 868 |
| 912 if (sslerr == SSL_ERROR_SYSCALL) { | 909 if (sslerr == SSL_ERROR_SYSCALL) { |
| 913 | 910 |
| 914 if (err == NGX_ECONNRESET | 911 if (err == NGX_ECONNRESET |
| 915 || err == NGX_EPIPE | 912 || err == NGX_EPIPE |
| 916 || err == NGX_ENOTCONN | 913 || err == NGX_ENOTCONN |
| 914 #if !(NGX_CRIT_ETIMEDOUT) | |
| 915 || err == NGX_ETIMEDOUT | |
| 916 #endif | |
| 917 || err == NGX_ECONNREFUSED | 917 || err == NGX_ECONNREFUSED |
| 918 || err == NGX_EHOSTUNREACH) | 918 || err == NGX_EHOSTUNREACH) |
| 919 { | 919 { |
| 920 switch (c->log_error) { | 920 switch (c->log_error) { |
| 921 | 921 |
| 975 | 975 |
| 976 | 976 |
| 977 void | 977 void |
| 978 ngx_ssl_cleanup_ctx(void *data) | 978 ngx_ssl_cleanup_ctx(void *data) |
| 979 { | 979 { |
| 980 ngx_ssl_t *ssl = data; | 980 ngx_ssl_t *ssl = data; |
| 981 | 981 |
| 982 if (ssl->rsa512_key) { | 982 if (ssl->rsa512_key) { |
| 983 RSA_free(ssl->rsa512_key); | 983 RSA_free(ssl->rsa512_key); |
| 984 } | 984 } |
| 985 | 985 |
| 986 SSL_CTX_free(ssl->ctx); | 986 SSL_CTX_free(ssl->ctx); |
| 987 } | 987 } |
| 988 | 988 |
| 989 | 989 |
| 990 static void * | 990 static void * |
| 991 ngx_openssl_create_conf(ngx_cycle_t *cycle) | 991 ngx_openssl_create_conf(ngx_cycle_t *cycle) |