Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 2327:be8c6159590b stable-0.6
r2281 merge:
always use buffer, if connection is buffered,
this fixes OpenSSL "bad write retry" error, when
*) nginx passed a single buf greater than our buffer (say 32K) to OpenSSL,
*) OpenSSL returns SSL_ERROR_WANT_WRITE,
*) after some time nginx has to send a new data,
*) so there are at least two bufs nginx does pass them directly to OpenSSL,
*) but copies the first buf part to buffer, and sends the buffer to OpenSSL.
*) because the data length is lesser than it was in previous SSL_write():
16K < 32K, OpenSSL returns SSL_R_BAD_WRITE_RETRY.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Thu, 20 Nov 2008 17:20:15 +0000 |
parents | 297e8aeca6b3 |
children | 117442ab7c47 |
comparison
equal
deleted
inserted
replaced
2326:805165c6ba2b | 2327:be8c6159590b |
---|---|
185 | 185 |
186 if (ngx_ssl_protocols[protocols >> 1] != 0) { | 186 if (ngx_ssl_protocols[protocols >> 1] != 0) { |
187 SSL_CTX_set_options(ssl->ctx, ngx_ssl_protocols[protocols >> 1]); | 187 SSL_CTX_set_options(ssl->ctx, ngx_ssl_protocols[protocols >> 1]); |
188 } | 188 } |
189 | 189 |
190 /* | |
191 * we need this option because in ngx_ssl_send_chain() | |
192 * we may switch to a buffered write and may copy leftover part of | |
193 * previously unbuffered data to our internal buffer | |
194 */ | |
195 SSL_CTX_set_mode(ssl->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); | |
196 | |
197 SSL_CTX_set_read_ahead(ssl->ctx, 1); | 190 SSL_CTX_set_read_ahead(ssl->ctx, 1); |
198 | 191 |
199 return NGX_OK; | 192 return NGX_OK; |
200 } | 193 } |
201 | 194 |
774 int n; | 767 int n; |
775 ngx_uint_t flush; | 768 ngx_uint_t flush; |
776 ssize_t send, size; | 769 ssize_t send, size; |
777 ngx_buf_t *buf; | 770 ngx_buf_t *buf; |
778 | 771 |
779 if (!c->ssl->buffer | 772 if (!c->ssl->buffer) { |
780 || (in && in->next == NULL && !(c->buffered & NGX_SSL_BUFFERED))) | |
781 { | |
782 /* | |
783 * we avoid a buffer copy if | |
784 * we do not need to buffer the output | |
785 * or the incoming buf is a single and our buffer is empty | |
786 */ | |
787 | 773 |
788 while (in) { | 774 while (in) { |
789 if (ngx_buf_special(in->buf)) { | 775 if (ngx_buf_special(in->buf)) { |
790 in = in->next; | 776 in = in->next; |
791 continue; | 777 continue; |