Mercurial > hg > nginx-vendor-current

diff src/event/ngx_event_openssl.c @ 138:8e6d4d96ec4c NGINX_0_3_16

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.3.16 *) Feature: the ngx_http_map_module. *) Feature: the "types_hash_max_size" and "types_hash_bucket_size" directives. *) Feature: the "ssi_value_length" directive. *) Feature: the "worker_rlimit_core" directive. *) Workaround: the connection number in logs was always 1 if nginx was built by the icc 8.1 or 9.0 compilers with optimization for Pentium 4. *) Bugfix: the "config timefmt" SSI command set incorrect time format. *) Bugfix: nginx did not close connection to IMAP/POP3 backend for the SSL connections; bug appeared in 0.3.13. Thanks to Rob Mueller. *) Bugfix: segmentation fault may occurred in at SSL shutdown; bug appeared in 0.3.13.
author Igor Sysoev <http://sysoev.ru>
date Fri, 16 Dec 2005 00:00:00 +0300
parents 91372f004adf
children 55a211e5eeb7
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -540,6 +540,7 @@ ngx_ssl_handle_recv(ngx_connection_t *c,
 
     c->ssl->no_wait_shutdown = 1;
     c->ssl->no_send_shutdown = 1;
+    c->read->eof = 1;
 
     if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) {
         ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
@@ -814,9 +815,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)
     SSL_set_shutdown(c->ssl->connection, mode);
 
     again = 0;
-#if (NGX_SUPPRESS_WARN)
     sslerr = 0;
-#endif
 
     for ( ;; ) {
         n = SSL_shutdown(c->ssl->connection);
@@ -845,27 +844,25 @@ ngx_ssl_shutdown(ngx_connection_t *c)
                        "SSL_get_error: %d", sslerr);
     }
 
-    if (again || sslerr == SSL_ERROR_WANT_READ) {
-
-        ngx_add_timer(c->read, 30000);
-
+    if (again
+        || sslerr == SSL_ERROR_WANT_READ
+        || sslerr == SSL_ERROR_WANT_WRITE)
+    {
         c->read->handler = ngx_ssl_shutdown_handler;
+        c->write->handler = ngx_ssl_shutdown_handler;
 
         if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
             return NGX_ERROR;
         }
 
-        return NGX_AGAIN;
-    }
-
-    if (sslerr == SSL_ERROR_WANT_WRITE) {
-
-        c->write->handler = ngx_ssl_shutdown_handler;
-
         if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
             return NGX_ERROR;
         }
 
+        if (again || sslerr == SSL_ERROR_WANT_READ) {
+            ngx_add_timer(c->read, 30000);
+        }
+
         return NGX_AGAIN;
     }
 
@@ -914,6 +911,9 @@ ngx_ssl_connection_error(ngx_connection_
         if (err == NGX_ECONNRESET
             || err == NGX_EPIPE
             || err == NGX_ENOTCONN
+#if !(NGX_CRIT_ETIMEDOUT)
+            || err == NGX_ETIMEDOUT
+#endif
             || err == NGX_ECONNREFUSED
             || err == NGX_EHOSTUNREACH)
         {
@@ -977,13 +977,13 @@ ngx_ssl_error(ngx_uint_t level, ngx_log_
 void
 ngx_ssl_cleanup_ctx(void *data)
 {
-   ngx_ssl_t  *ssl = data;
+    ngx_ssl_t  *ssl = data;
 
-   if (ssl->rsa512_key) {
-       RSA_free(ssl->rsa512_key);
-   }
+    if (ssl->rsa512_key) {
+        RSA_free(ssl->rsa512_key);
+    }
 
-   SSL_CTX_free(ssl->ctx);
+    SSL_CTX_free(ssl->ctx);
 }