Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 7751:7efae6b4cfb0
SSL: fixed SSL shutdown on lingering close.
Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.
The bug had appeared in 554c6ae25ffc.
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Tue, 08 Dec 2020 01:43:36 +0300 |
| parents | a46fcf101cfc |
| children | 018a09b766ef f61d347158d0 |
comparison
equal
deleted
inserted
replaced
| 7750:90cc7194e993 | 7751:7efae6b4cfb0 |
|---|---|
| 2878 * Avoid calling SSL_shutdown() if handshake wasn't completed. | 2878 * Avoid calling SSL_shutdown() if handshake wasn't completed. |
| 2879 */ | 2879 */ |
| 2880 | 2880 |
| 2881 SSL_free(c->ssl->connection); | 2881 SSL_free(c->ssl->connection); |
| 2882 c->ssl = NULL; | 2882 c->ssl = NULL; |
| 2883 c->recv = ngx_recv; | |
| 2883 | 2884 |
| 2884 return NGX_OK; | 2885 return NGX_OK; |
| 2885 } | 2886 } |
| 2886 | 2887 |
| 2887 if (c->timedout || c->error || c->buffered) { | 2888 if (c->timedout || c->error || c->buffered) { |
| 2923 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); | 2924 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); |
| 2924 | 2925 |
| 2925 if (n == 1) { | 2926 if (n == 1) { |
| 2926 SSL_free(c->ssl->connection); | 2927 SSL_free(c->ssl->connection); |
| 2927 c->ssl = NULL; | 2928 c->ssl = NULL; |
| 2929 c->recv = ngx_recv; | |
| 2928 | 2930 |
| 2929 return NGX_OK; | 2931 return NGX_OK; |
| 2930 } | 2932 } |
| 2931 | 2933 |
| 2932 if (n == 0 && tries-- > 1) { | 2934 if (n == 0 && tries-- > 1) { |
| 2965 } | 2967 } |
| 2966 | 2968 |
| 2967 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { | 2969 if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { |
| 2968 SSL_free(c->ssl->connection); | 2970 SSL_free(c->ssl->connection); |
| 2969 c->ssl = NULL; | 2971 c->ssl = NULL; |
| 2972 c->recv = ngx_recv; | |
| 2970 | 2973 |
| 2971 return NGX_OK; | 2974 return NGX_OK; |
| 2972 } | 2975 } |
| 2973 | 2976 |
| 2974 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; | 2977 err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; |
| 2975 | 2978 |
| 2976 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); | 2979 ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); |
| 2977 | 2980 |
| 2978 SSL_free(c->ssl->connection); | 2981 SSL_free(c->ssl->connection); |
| 2979 c->ssl = NULL; | 2982 c->ssl = NULL; |
| 2983 c->recv = ngx_recv; | |
| 2980 | 2984 |
| 2981 return NGX_ERROR; | 2985 return NGX_ERROR; |
| 2982 } | 2986 } |
| 2983 } | 2987 } |
| 2984 | 2988 |