Mercurial > hg > nginx-quic
annotate src/core/ngx_syslog.h @ 8573:1a03af395f44
SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection. Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx. Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown(). The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.
Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0
See for additional details: https://github.com/openssl/openssl/issues/11381
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 10 Aug 2021 23:43:17 +0300 |
parents | 7f9935f07fe9 |
children | 29adacffdefa |
rev | line source |
---|---|
5702
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #ifndef _NGX_SYSLOG_H_INCLUDED_ |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #define _NGX_SYSLOG_H_INCLUDED_ |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 typedef struct { |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 ngx_uint_t facility; |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
13 ngx_uint_t severity; |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
14 ngx_str_t tag; |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
15 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
16 ngx_addr_t server; |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
17 ngx_connection_t conn; |
6286
a6a2016b8e31
Syslog: added "nohostname" option.
Vladimir Homutov <vl@nginx.com>
parents:
5857
diff
changeset
|
18 unsigned busy:1; |
a6a2016b8e31
Syslog: added "nohostname" option.
Vladimir Homutov <vl@nginx.com>
parents:
5857
diff
changeset
|
19 unsigned nohostname:1; |
5702
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
20 } ngx_syslog_peer_t; |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
21 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
22 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
23 char *ngx_syslog_process_conf(ngx_conf_t *cf, ngx_syslog_peer_t *peer); |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
24 u_char *ngx_syslog_add_header(ngx_syslog_peer_t *peer, u_char *buf); |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
25 void ngx_syslog_writer(ngx_log_t *log, ngx_uint_t level, u_char *buf, |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
26 size_t len); |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
27 ssize_t ngx_syslog_send(ngx_syslog_peer_t *peer, u_char *buf, size_t len); |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 |
777202558122
Added syslog support for error_log and access_log directives.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 #endif /* _NGX_SYSLOG_H_INCLUDED_ */ |