nginx: src/event/ngx_event_openssl.c comparison

comparison src/event/ngx_event_openssl.c @ 7958:9b72da2b5b57 stable-1.20

SSL: set events ready flags after handshake. The c->read->ready and c->write->ready flags might be reset during the handshake, and not set again if the handshake was finished on the other event. At the same time, some data might be read from the socket during the handshake, so missing c->read->ready flag might result in a connection hang, for example, when waiting for an SMTP greeting (which was already received during the handshake). Found by Sergey Kandaurov.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Tue, 03 Aug 2021 20:50:30 +0300
parents	ae70fcb8ac93
children	34a3a1a2d197

comparison

equal deleted inserted replaced

-:f5732fa038ad
+:9b72da2b5b57
 c->recv = ngx_ssl_recv;
 c->send = ngx_ssl_write;
 c->recv_chain = ngx_ssl_recv_chain;
 c->send_chain = ngx_ssl_send_chain;
+c->read->ready = 1;
+c->write->ready = 1;
 #ifndef SSL_OP_NO_RENEGOTIATION
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 #ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
 /* initial handshake done, disable renegotiation (CVE-2009-3555) */
 c->recv = ngx_ssl_recv;
 c->send = ngx_ssl_write;
 c->recv_chain = ngx_ssl_recv_chain;
 c->send_chain = ngx_ssl_send_chain;
+c->read->ready = 1;
+c->write->ready = 1;
 rc = ngx_ssl_ocsp_validate(c);
 if (rc == NGX_ERROR) {
 return NGX_ERROR;

Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 7958:9b72da2b5b57 stable-1.20