Mercurial > hg > nginx
view src/mail/ngx_mail_ssl_module.h @ 7746:88eca63261c3
gRPC: RST_STREAM(NO_ERROR) handling after "trailer only" responses.
Similarly to the problem fixed in 2096b21fcd10 (ticket #1792),
when a "trailer only" gRPC response (that is, a response with the
END_STREAM flag in the HEADERS frame) was immediately followed by
RST_STREAM(NO_ERROR) in the data preread along with the response
header, RST_STREAM wasn't properly skipped and caused "upstream
rejected request with error 0" errors.
Observed with "unknown service" gRPC errors returned by grpc-go.
Fix is to set ctx->done if we are going to parse additional data,
so the RST_STREAM(NO_ERROR) is properly skipped. Additionally, now
ngx_http_grpc_filter() will complain about frames sent for closed
stream if there are any.
author | Pavel Pautov <p.pautov@f5.com> |
---|---|
date | Wed, 18 Nov 2020 18:41:16 -0800 |
parents | 3bff3f397c05 |
children | 0aaa09927703 |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_MAIL_SSL_H_INCLUDED_ #define _NGX_MAIL_SSL_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_mail.h> #define NGX_MAIL_STARTTLS_OFF 0 #define NGX_MAIL_STARTTLS_ON 1 #define NGX_MAIL_STARTTLS_ONLY 2 typedef struct { ngx_flag_t enable; ngx_flag_t prefer_server_ciphers; ngx_ssl_t ssl; ngx_uint_t starttls; ngx_uint_t listen; ngx_uint_t protocols; ngx_uint_t verify; ngx_uint_t verify_depth; ssize_t builtin_session_cache; time_t session_timeout; ngx_array_t *certificates; ngx_array_t *certificate_keys; ngx_str_t dhparam; ngx_str_t ecdh_curve; ngx_str_t client_certificate; ngx_str_t trusted_certificate; ngx_str_t crl; ngx_str_t ciphers; ngx_array_t *passwords; ngx_array_t *conf_commands; ngx_shm_zone_t *shm_zone; ngx_flag_t session_tickets; ngx_array_t *session_ticket_keys; u_char *file; ngx_uint_t line; } ngx_mail_ssl_conf_t; extern ngx_module_t ngx_mail_ssl_module; #endif /* _NGX_MAIL_SSL_H_INCLUDED_ */