Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 5022:1d819608ad4a
SSL: avoid calling SSL_write() with zero data size.
According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.
We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.
In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
| author | Valentin Bartenev <vbart@nginx.com> |
|---|---|
| date | Mon, 28 Jan 2013 15:40:25 +0000 |
| parents | 674f8739e443 |
| children | 70a35b7b63ea |
comparison
equal
deleted
inserted
replaced
| 5021:674f8739e443 | 5022:1d819608ad4a |
|---|---|
| 1210 if (!flush && send < limit && buf->last < buf->end) { | 1210 if (!flush && send < limit && buf->last < buf->end) { |
| 1211 break; | 1211 break; |
| 1212 } | 1212 } |
| 1213 | 1213 |
| 1214 size = buf->last - buf->pos; | 1214 size = buf->last - buf->pos; |
| 1215 | |
| 1216 if (size == 0) { | |
| 1217 buf->flush = 0; | |
| 1218 c->buffered &= ~NGX_SSL_BUFFERED; | |
| 1219 return in; | |
| 1220 } | |
| 1215 | 1221 |
| 1216 n = ngx_ssl_write(c, buf->pos, size); | 1222 n = ngx_ssl_write(c, buf->pos, size); |
| 1217 | 1223 |
| 1218 if (n == NGX_ERROR) { | 1224 if (n == NGX_ERROR) { |
| 1219 return NGX_CHAIN_ERROR; | 1225 return NGX_CHAIN_ERROR; |