Mercurial > hg > nginx-quic
annotate src/core/ngx_md5.h @ 8573:1a03af395f44
SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection. Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx. Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown(). The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.
Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0
See for additional details: https://github.com/openssl/openssl/issues/11381
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 10 Aug 2021 23:43:17 +0300 |
parents | 9eefb38f0005 |
children |
rev | line source |
---|---|
1572 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
1572 | 5 */ |
6 | |
7 | |
8 #ifndef _NGX_MD5_H_INCLUDED_ | |
9 #define _NGX_MD5_H_INCLUDED_ | |
10 | |
11 | |
12 #include <ngx_config.h> | |
13 #include <ngx_core.h> | |
14 | |
15 | |
3895
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
16 typedef struct { |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
17 uint64_t bytes; |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
18 uint32_t a, b, c, d; |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
19 u_char buffer[64]; |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
20 } ngx_md5_t; |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
21 |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
22 |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
23 void ngx_md5_init(ngx_md5_t *ctx); |
3927
38e6f45c5e3d
make built-in ngx_md5_update() interface consistent with other implemenations
Igor Sysoev <igor@sysoev.ru>
parents:
3895
diff
changeset
|
24 void ngx_md5_update(ngx_md5_t *ctx, const void *data, size_t size); |
3895
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
25 void ngx_md5_final(u_char result[16], ngx_md5_t *ctx); |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
26 |
b659514a3948
an internal MD5 implemenation
Igor Sysoev <igor@sysoev.ru>
parents:
1598
diff
changeset
|
27 |
1572 | 28 #endif /* _NGX_MD5_H_INCLUDED_ */ |