Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 8250:7efae6b4cfb0
SSL: fixed SSL shutdown on lingering close.
Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.
The bug had appeared in 554c6ae25ffc.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Tue, 08 Dec 2020 01:43:36 +0300 |
parents | a46fcf101cfc |
children | f61d347158d0 018a09b766ef |
comparison
equal
deleted
inserted
replaced
8249:90cc7194e993 | 8250:7efae6b4cfb0 |
---|---|
2878 * Avoid calling SSL_shutdown() if handshake wasn't completed. | 2878 * Avoid calling SSL_shutdown() if handshake wasn't completed. |
2879 */ | 2879 */ |
2880 | 2880 |
2881 SSL_free(c->ssl->connection); | 2881 SSL_free(c->ssl->connection); |
2882 c->ssl = NULL; | 2882 c->ssl = NULL; |
2883 c->recv = ngx_recv; | |
2883 | 2884 |
2884 return NGX_OK; | 2885 return NGX_OK; |
2885 } | 2886 } |
2886 | 2887 |
2887 if (c->timedout || c->error || c->buffered) { | 2888 if (c->timedout || c->error || c->buffered) { |
2923 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); | 2924 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); |
2924 | 2925 |
2925 if (n == 1) { | 2926 if (n == 1) { |
2926 SSL_free(c->ssl->connection); | 2927 SSL_free(c->ssl->connection); |
2927 c->ssl = NULL; | 2928 c->ssl = NULL; |
2929 c->recv = ngx_recv; | |
2928 | 2930 |
2929 return NGX_OK; | 2931 return NGX_OK; |
2930 } | 2932 } |
2931 | 2933 |
2932 if (n == 0 && tries-- > 1) { | 2934 if (n == 0 && tries-- > 1) { |
2965 } | 2967 } |
2966 | 2968 |
2967 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { | 2969 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { |
2968 SSL_free(c->ssl->connection); | 2970 SSL_free(c->ssl->connection); |
2969 c->ssl = NULL; | 2971 c->ssl = NULL; |
2972 c->recv = ngx_recv; | |
2970 | 2973 |
2971 return NGX_OK; | 2974 return NGX_OK; |
2972 } | 2975 } |
2973 | 2976 |
2974 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; | 2977 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; |
2975 | 2978 |
2976 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); | 2979 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); |
2977 | 2980 |
2978 SSL_free(c->ssl->connection); | 2981 SSL_free(c->ssl->connection); |
2979 c->ssl = NULL; | 2982 c->ssl = NULL; |
2983 c->recv = ngx_recv; | |
2980 | 2984 |
2981 return NGX_ERROR; | 2985 return NGX_ERROR; |
2982 } | 2986 } |
2983 } | 2987 } |
2984 | 2988 |