Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 8813:6674a50cbb6c quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merged with the default branch.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 15 Jul 2021 16:28:21 +0300
parents 05e0988a6898 5f765427c17a
children fac88e160653
comparison
equal deleted inserted replaced
8812:e7a2d3914877 8813:6674a50cbb6c
2894 2894
2895 ngx_int_t 2895 ngx_int_t
2896 ngx_ssl_shutdown(ngx_connection_t *c) 2896 ngx_ssl_shutdown(ngx_connection_t *c)
2897 { 2897 {
2898 int n, sslerr, mode; 2898 int n, sslerr, mode;
2899 ngx_int_t rc;
2899 ngx_err_t err; 2900 ngx_err_t err;
2900 ngx_uint_t tries; 2901 ngx_uint_t tries;
2901 2902
2902 #if (NGX_QUIC) 2903 #if (NGX_QUIC)
2903 if (c->quic) { 2904 if (c->quic) {
2904 /* QUIC streams inherit SSL object */ 2905 /* QUIC streams inherit SSL object */
2905 return NGX_OK; 2906 return NGX_OK;
2906 } 2907 }
2907 #endif 2908 #endif
2909
2910 rc = NGX_OK;
2908 2911
2909 ngx_ssl_ocsp_cleanup(c); 2912 ngx_ssl_ocsp_cleanup(c);
2910 2913
2911 if (SSL_in_init(c->ssl->connection)) { 2914 if (SSL_in_init(c->ssl->connection)) {
2912 /* 2915 /*
2913 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during 2916 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during
2914 * an SSL handshake, while previous versions always return 0. 2917 * an SSL handshake, while previous versions always return 0.
2915 * Avoid calling SSL_shutdown() if handshake wasn't completed. 2918 * Avoid calling SSL_shutdown() if handshake wasn't completed.
2916 */ 2919 */
2917 2920
2918 SSL_free(c->ssl->connection); 2921 goto done;
2919 c->ssl = NULL;
2920 c->recv = ngx_recv;
2921
2922 return NGX_OK;
2923 } 2922 }
2924 2923
2925 if (c->timedout || c->error || c->buffered) { 2924 if (c->timedout || c->error || c->buffered) {
2926 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; 2925 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;
2927 SSL_set_quiet_shutdown(c->ssl->connection, 1); 2926 SSL_set_quiet_shutdown(c->ssl->connection, 1);
2959 n = SSL_shutdown(c->ssl->connection); 2958 n = SSL_shutdown(c->ssl->connection);
2960 2959
2961 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); 2960 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n);
2962 2961
2963 if (n == 1) { 2962 if (n == 1) {
2964 SSL_free(c->ssl->connection); 2963 goto done;
2965 c->ssl = NULL;
2966 c->recv = ngx_recv;
2967
2968 return NGX_OK;
2969 } 2964 }
2970 2965
2971 if (n == 0 && tries-- > 1) { 2966 if (n == 0 && tries-- > 1) {
2972 continue; 2967 continue;
2973 } 2968 }
2989 } else { 2984 } else {
2990 c->write->ready = 0; 2985 c->write->ready = 0;
2991 } 2986 }
2992 2987
2993 if (ngx_handle_read_event(c->read, 0) != NGX_OK) { 2988 if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
2994 return NGX_ERROR; 2989 goto failed;
2995 } 2990 }
2996 2991
2997 if (ngx_handle_write_event(c->write, 0) != NGX_OK) { 2992 if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
2998 return NGX_ERROR; 2993 goto failed;
2999 } 2994 }
3000 2995
3001 ngx_add_timer(c->read, 3000); 2996 ngx_add_timer(c->read, 3000);
3002 2997
3003 return NGX_AGAIN; 2998 return NGX_AGAIN;
3004 } 2999 }
3005 3000
3006 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { 3001 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) {
3007 SSL_free(c->ssl->connection); 3002 goto done;
3008 c->ssl = NULL;
3009 c->recv = ngx_recv;
3010
3011 return NGX_OK;
3012 } 3003 }
3013 3004
3014 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; 3005 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
3015 3006
3016 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); 3007 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed");
3017 3008
3018 SSL_free(c->ssl->connection); 3009 break;
3019 c->ssl = NULL; 3010 }
3011
3012 failed:
3013
3014 rc = NGX_ERROR;
3015
3016 done:
3017
3018 if (c->ssl->shutdown_without_free) {
3019 c->ssl->shutdown_without_free = 0;
3020 c->recv = ngx_recv; 3020 c->recv = ngx_recv;
3021 3021 return rc;
3022 return NGX_ERROR; 3022 }
3023 } 3023
3024 SSL_free(c->ssl->connection);
3025 c->ssl = NULL;
3026 c->recv = ngx_recv;
3027
3028 return rc;
3024 } 3029 }
3025 3030
3026 3031
3027 static void 3032 static void
3028 ngx_ssl_shutdown_handler(ngx_event_t *ev) 3033 ngx_ssl_shutdown_handler(ngx_event_t *ev)