Mercurial > hg > nginx-vendor-current
comparison src/event/ngx_event_openssl.c @ 138:8e6d4d96ec4c NGINX_0_3_16
nginx 0.3.16
*) Feature: the ngx_http_map_module.
*) Feature: the "types_hash_max_size" and "types_hash_bucket_size"
directives.
*) Feature: the "ssi_value_length" directive.
*) Feature: the "worker_rlimit_core" directive.
*) Workaround: the connection number in logs was always 1 if nginx was
built by the icc 8.1 or 9.0 compilers with optimization for
Pentium 4.
*) Bugfix: the "config timefmt" SSI command set incorrect time format.
*) Bugfix: nginx did not close connection to IMAP/POP3 backend for the
SSL connections; bug appeared in 0.3.13.
Thanks to Rob Mueller.
*) Bugfix: segmentation fault may occurred in at SSL shutdown; bug
appeared in 0.3.13.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Fri, 16 Dec 2005 00:00:00 +0300 |
parents | 91372f004adf |
children | 55a211e5eeb7 |
comparison
equal
deleted
inserted
replaced
137:768f51dd150b | 138:8e6d4d96ec4c |
---|---|
538 return NGX_AGAIN; | 538 return NGX_AGAIN; |
539 } | 539 } |
540 | 540 |
541 c->ssl->no_wait_shutdown = 1; | 541 c->ssl->no_wait_shutdown = 1; |
542 c->ssl->no_send_shutdown = 1; | 542 c->ssl->no_send_shutdown = 1; |
543 c->read->eof = 1; | |
543 | 544 |
544 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { | 545 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { |
545 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 546 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
546 "peer shutdown SSL cleanly"); | 547 "peer shutdown SSL cleanly"); |
547 return NGX_DONE; | 548 return NGX_DONE; |
812 } | 813 } |
813 | 814 |
814 SSL_set_shutdown(c->ssl->connection, mode); | 815 SSL_set_shutdown(c->ssl->connection, mode); |
815 | 816 |
816 again = 0; | 817 again = 0; |
817 #if (NGX_SUPPRESS_WARN) | |
818 sslerr = 0; | 818 sslerr = 0; |
819 #endif | |
820 | 819 |
821 for ( ;; ) { | 820 for ( ;; ) { |
822 n = SSL_shutdown(c->ssl->connection); | 821 n = SSL_shutdown(c->ssl->connection); |
823 | 822 |
824 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); | 823 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); |
843 | 842 |
844 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 843 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
845 "SSL_get_error: %d", sslerr); | 844 "SSL_get_error: %d", sslerr); |
846 } | 845 } |
847 | 846 |
848 if (again || sslerr == SSL_ERROR_WANT_READ) { | 847 if (again |
849 | 848 || sslerr == SSL_ERROR_WANT_READ |
850 ngx_add_timer(c->read, 30000); | 849 || sslerr == SSL_ERROR_WANT_WRITE) |
851 | 850 { |
852 c->read->handler = ngx_ssl_shutdown_handler; | 851 c->read->handler = ngx_ssl_shutdown_handler; |
852 c->write->handler = ngx_ssl_shutdown_handler; | |
853 | 853 |
854 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { | 854 if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { |
855 return NGX_ERROR; | 855 return NGX_ERROR; |
856 } | 856 } |
857 | 857 |
858 return NGX_AGAIN; | |
859 } | |
860 | |
861 if (sslerr == SSL_ERROR_WANT_WRITE) { | |
862 | |
863 c->write->handler = ngx_ssl_shutdown_handler; | |
864 | |
865 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { | 858 if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { |
866 return NGX_ERROR; | 859 return NGX_ERROR; |
860 } | |
861 | |
862 if (again || sslerr == SSL_ERROR_WANT_READ) { | |
863 ngx_add_timer(c->read, 30000); | |
867 } | 864 } |
868 | 865 |
869 return NGX_AGAIN; | 866 return NGX_AGAIN; |
870 } | 867 } |
871 | 868 |
912 if (sslerr == SSL_ERROR_SYSCALL) { | 909 if (sslerr == SSL_ERROR_SYSCALL) { |
913 | 910 |
914 if (err == NGX_ECONNRESET | 911 if (err == NGX_ECONNRESET |
915 || err == NGX_EPIPE | 912 || err == NGX_EPIPE |
916 || err == NGX_ENOTCONN | 913 || err == NGX_ENOTCONN |
914 #if !(NGX_CRIT_ETIMEDOUT) | |
915 || err == NGX_ETIMEDOUT | |
916 #endif | |
917 || err == NGX_ECONNREFUSED | 917 || err == NGX_ECONNREFUSED |
918 || err == NGX_EHOSTUNREACH) | 918 || err == NGX_EHOSTUNREACH) |
919 { | 919 { |
920 switch (c->log_error) { | 920 switch (c->log_error) { |
921 | 921 |
975 | 975 |
976 | 976 |
977 void | 977 void |
978 ngx_ssl_cleanup_ctx(void *data) | 978 ngx_ssl_cleanup_ctx(void *data) |
979 { | 979 { |
980 ngx_ssl_t *ssl = data; | 980 ngx_ssl_t *ssl = data; |
981 | 981 |
982 if (ssl->rsa512_key) { | 982 if (ssl->rsa512_key) { |
983 RSA_free(ssl->rsa512_key); | 983 RSA_free(ssl->rsa512_key); |
984 } | 984 } |
985 | 985 |
986 SSL_CTX_free(ssl->ctx); | 986 SSL_CTX_free(ssl->ctx); |
987 } | 987 } |
988 | 988 |
989 | 989 |
990 static void * | 990 static void * |
991 ngx_openssl_create_conf(ngx_cycle_t *cycle) | 991 ngx_openssl_create_conf(ngx_cycle_t *cycle) |