Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 4064:5b776ad53c3c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Proper SSL shutdown handling. If connection has unsent alerts, SSL_shutdown() tries to send them even if SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN) was used. This can be prevented by SSL_set_quiet_shutdown(). SSL_set_shutdown() is required nevertheless to preserve session.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 01 Sep 2011 13:49:36 +0000
parents a1dd9dc754ab
children 6af5959a2ace
comparison
equal deleted inserted replaced
4063:8d70904b6c48 4064:5b776ad53c3c
1203 int n, sslerr, mode; 1203 int n, sslerr, mode;
1204 ngx_err_t err; 1204 ngx_err_t err;
1205 1205
1206 if (c->timedout) { 1206 if (c->timedout) {
1207 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; 1207 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;
1208 SSL_set_quiet_shutdown(c->ssl->connection, 1);
1208 1209
1209 } else { 1210 } else {
1210 mode = SSL_get_shutdown(c->ssl->connection); 1211 mode = SSL_get_shutdown(c->ssl->connection);
1211 1212
1212 if (c->ssl->no_wait_shutdown) { 1213 if (c->ssl->no_wait_shutdown) {
1213 mode |= SSL_RECEIVED_SHUTDOWN; 1214 mode |= SSL_RECEIVED_SHUTDOWN;
1214 } 1215 }
1215 1216
1216 if (c->ssl->no_send_shutdown) { 1217 if (c->ssl->no_send_shutdown) {
1217 mode |= SSL_SENT_SHUTDOWN; 1218 mode |= SSL_SENT_SHUTDOWN;
1219 }
1220
1221 if (c->ssl->no_wait_shutdown && c->ssl->no_send_shutdown) {
1222 SSL_set_quiet_shutdown(c->ssl->connection, 1);
1218 } 1223 }
1219 } 1224 }
1220 1225
1221 SSL_set_shutdown(c->ssl->connection, mode); 1226 SSL_set_shutdown(c->ssl->connection, mode);
1222 1227