Mercurial > hg > nginx-quic
view src/event/ngx_event_timer.h @ 8573:1a03af395f44
SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection. Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx. Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown(). The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.
Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0
See for additional details: https://github.com/openssl/openssl/issues/11381
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 10 Aug 2021 23:43:17 +0300 |
parents | 3069dd358ba2 |
children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_EVENT_TIMER_H_INCLUDED_ #define _NGX_EVENT_TIMER_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> #define NGX_TIMER_INFINITE (ngx_msec_t) -1 #define NGX_TIMER_LAZY_DELAY 300 ngx_int_t ngx_event_timer_init(ngx_log_t *log); ngx_msec_t ngx_event_find_timer(void); void ngx_event_expire_timers(void); ngx_int_t ngx_event_no_timers_left(void); extern ngx_rbtree_t ngx_event_timer_rbtree; static ngx_inline void ngx_event_del_timer(ngx_event_t *ev) { ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ev->log, 0, "event timer del: %d: %M", ngx_event_ident(ev->data), ev->timer.key); ngx_rbtree_delete(&ngx_event_timer_rbtree, &ev->timer); #if (NGX_DEBUG) ev->timer.left = NULL; ev->timer.right = NULL; ev->timer.parent = NULL; #endif ev->timer_set = 0; } static ngx_inline void ngx_event_add_timer(ngx_event_t *ev, ngx_msec_t timer) { ngx_msec_t key; ngx_msec_int_t diff; key = ngx_current_msec + timer; if (ev->timer_set) { /* * Use a previous timer value if difference between it and a new * value is less than NGX_TIMER_LAZY_DELAY milliseconds: this allows * to minimize the rbtree operations for fast connections. */ diff = (ngx_msec_int_t) (key - ev->timer.key); if (ngx_abs(diff) < NGX_TIMER_LAZY_DELAY) { ngx_log_debug3(NGX_LOG_DEBUG_EVENT, ev->log, 0, "event timer: %d, old: %M, new: %M", ngx_event_ident(ev->data), ev->timer.key, key); return; } ngx_del_timer(ev); } ev->timer.key = key; ngx_log_debug3(NGX_LOG_DEBUG_EVENT, ev->log, 0, "event timer add: %d: %M:%M", ngx_event_ident(ev->data), timer, ev->timer.key); ngx_rbtree_insert(&ngx_event_timer_rbtree, &ev->timer); ev->timer_set = 1; } #endif /* _NGX_EVENT_TIMER_H_INCLUDED_ */