nginx: src/event/ngx_event_openssl.c comparison

comparison src/event/ngx_event_openssl.c @ 2327:be8c6159590b stable-0.6

r2281 merge: always use buffer, if connection is buffered, this fixes OpenSSL "bad write retry" error, when *) nginx passed a single buf greater than our buffer (say 32K) to OpenSSL, *) OpenSSL returns SSL_ERROR_WANT_WRITE, *) after some time nginx has to send a new data, *) so there are at least two bufs nginx does pass them directly to OpenSSL, *) but copies the first buf part to buffer, and sends the buffer to OpenSSL. *) because the data length is lesser than it was in previous SSL_write(): 16K < 32K, OpenSSL returns SSL_R_BAD_WRITE_RETRY.

author	Igor Sysoev <igor@sysoev.ru>
date	Thu, 20 Nov 2008 17:20:15 +0000
parents	297e8aeca6b3
children	117442ab7c47

comparison

equal deleted inserted replaced

-:805165c6ba2b
+:be8c6159590b
 if (ngx_ssl_protocols[protocols >> 1] != 0) {
 SSL_CTX_set_options(ssl->ctx, ngx_ssl_protocols[protocols >> 1]);
 }
-/*
-* we need this option because in ngx_ssl_send_chain()
-* we may switch to a buffered write and may copy leftover part of
-* previously unbuffered data to our internal buffer
-*/
-SSL_CTX_set_mode(ssl->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 SSL_CTX_set_read_ahead(ssl->ctx, 1);
 return NGX_OK;
 }
 int          n;
 ngx_uint_t   flush;
 ssize_t      send, size;
 ngx_buf_t   *buf;
-if (!c->ssl->buffer
+if (!c->ssl->buffer) {
-|| (in && in->next == NULL && !(c->buffered & NGX_SSL_BUFFERED)))
-{
-/*
-* we avoid a buffer copy if
-*     we do not need to buffer the output
-*     or the incoming buf is a single and our buffer is empty
-*/
 while (in) {
 if (ngx_buf_special(in->buf)) {
 in = in->next;
 continue;

Mercurial > hg > nginx

comparison src/event/ngx_event_openssl.c @ 2327:be8c6159590b stable-0.6