Mercurial > hg > nginx

diff src/http/modules/ngx_http_ssl_filter.c @ 384:e7054aaedf68

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-0.0.7-2004-07-09-11:12:14 import
author Igor Sysoev <igor@sysoev.ru>
date Fri, 09 Jul 2004 07:12:14 +0000
parents c05876036128
children 79050a10aacb
line wrap: on
line diff
--- a/src/http/modules/ngx_http_ssl_filter.c
+++ b/src/http/modules/ngx_http_ssl_filter.c
@@ -111,8 +111,30 @@ ngx_int_t ngx_http_ssl_read(ngx_http_req
                 return NGX_AGAIN;
             }
 
+            if (rc == SSL_ERROR_ZERO_RETURN) {
+                ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+                               "client closed connection while SSL handshake");
+
+                ngx_http_ssl_close_request(ctx->ssl, SSL_RECEIVED_SHUTDOWN);
+
+                return NGX_ERROR;
+            }
+
+            if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) {
+                ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                               "client sent HTTP request to HTTPS port");
+
+                ngx_http_ssl_close_request(ctx->ssl,
+                                      SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+
+                return NGX_OK;
+            }
+
             ngx_http_ssl_error(NGX_LOG_ALERT, r->connection->log, rc,
                                "SSL_accept() failed");
+
+            ngx_http_ssl_close_request(ctx->ssl, SSL_RECEIVED_SHUTDOWN);
+
             return NGX_ERROR;
         }
 
@@ -174,6 +196,14 @@ static ngx_http_ssl_ctx_t *ngx_http_ssl_
 }
 
 
+void ngx_http_ssl_close_request(SSL *ssl, int mode)
+{
+    SSL_set_shutdown(ssl, mode);
+    SSL_smart_shutdown(ssl);
+    SSL_free(ssl);
+}
+
+
 static void ngx_http_ssl_error(ngx_uint_t level, ngx_log_t *log, int err,
                                char *fmt, ...)
 {