Mercurial > hg > nginx-vendor-0-8
diff src/event/ngx_event_openssl.c @ 138:8e6d4d96ec4c NGINX_0_3_16
nginx 0.3.16
*) Feature: the ngx_http_map_module.
*) Feature: the "types_hash_max_size" and "types_hash_bucket_size"
directives.
*) Feature: the "ssi_value_length" directive.
*) Feature: the "worker_rlimit_core" directive.
*) Workaround: the connection number in logs was always 1 if nginx was
built by the icc 8.1 or 9.0 compilers with optimization for
Pentium 4.
*) Bugfix: the "config timefmt" SSI command set incorrect time format.
*) Bugfix: nginx did not close connection to IMAP/POP3 backend for the
SSL connections; bug appeared in 0.3.13.
Thanks to Rob Mueller.
*) Bugfix: segmentation fault may occurred in at SSL shutdown; bug
appeared in 0.3.13.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Fri, 16 Dec 2005 00:00:00 +0300 |
parents | 91372f004adf |
children | 55a211e5eeb7 |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -540,6 +540,7 @@ ngx_ssl_handle_recv(ngx_connection_t *c, c->ssl->no_wait_shutdown = 1; c->ssl->no_send_shutdown = 1; + c->read->eof = 1; if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, @@ -814,9 +815,7 @@ ngx_ssl_shutdown(ngx_connection_t *c) SSL_set_shutdown(c->ssl->connection, mode); again = 0; -#if (NGX_SUPPRESS_WARN) sslerr = 0; -#endif for ( ;; ) { n = SSL_shutdown(c->ssl->connection); @@ -845,27 +844,25 @@ ngx_ssl_shutdown(ngx_connection_t *c) "SSL_get_error: %d", sslerr); } - if (again || sslerr == SSL_ERROR_WANT_READ) { - - ngx_add_timer(c->read, 30000); - + if (again + || sslerr == SSL_ERROR_WANT_READ + || sslerr == SSL_ERROR_WANT_WRITE) + { c->read->handler = ngx_ssl_shutdown_handler; + c->write->handler = ngx_ssl_shutdown_handler; if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { return NGX_ERROR; } - return NGX_AGAIN; - } - - if (sslerr == SSL_ERROR_WANT_WRITE) { - - c->write->handler = ngx_ssl_shutdown_handler; - if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { return NGX_ERROR; } + if (again || sslerr == SSL_ERROR_WANT_READ) { + ngx_add_timer(c->read, 30000); + } + return NGX_AGAIN; } @@ -914,6 +911,9 @@ ngx_ssl_connection_error(ngx_connection_ if (err == NGX_ECONNRESET || err == NGX_EPIPE || err == NGX_ENOTCONN +#if !(NGX_CRIT_ETIMEDOUT) + || err == NGX_ETIMEDOUT +#endif || err == NGX_ECONNREFUSED || err == NGX_EHOSTUNREACH) { @@ -977,13 +977,13 @@ ngx_ssl_error(ngx_uint_t level, ngx_log_ void ngx_ssl_cleanup_ctx(void *data) { - ngx_ssl_t *ssl = data; + ngx_ssl_t *ssl = data; - if (ssl->rsa512_key) { - RSA_free(ssl->rsa512_key); - } + if (ssl->rsa512_key) { + RSA_free(ssl->rsa512_key); + } - SSL_CTX_free(ssl->ctx); + SSL_CTX_free(ssl->ctx); }