view src/http/modules/ngx_http_ssl_module.h @ 7508:c30a20e06c21

Range filter: fixed duplicate last buffers. In ngx_http_range_singlepart_body() special buffers where passed unmodified, including ones after the end of the range. As such, if the last buffer of a response was sent separately as a special buffer, two buffers with b->last_buf set were present in the response. In particular, this might result in a duplicate final chunk when using chunked transfer encoding (normally range filter and chunked transfer encoding are not used together, but this may happen if there are trailers in the response). This also likely to cause problems in HTTP/2. Fix is to skip all special buffers after we've sent the last part of the range requested. These special buffers are not meaningful anyway, since we set b->last_buf in the buffer with the last part of the range, and everything is expected to be flushed due to it. Additionally, ngx_http_next_body_filter() is now called even if no buffers are to be passed to it. This ensures that various write events are properly propagated through the filter chain. In particular, this fixes test failures observed with the above change and aio enabled.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 13 May 2019 22:44:49 +0300
parents be2af41d3620
children 8409f9df6219 5d91389e0fd3
line wrap: on
line source


/*
 * Copyright (C) Igor Sysoev
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_HTTP_SSL_H_INCLUDED_
#define _NGX_HTTP_SSL_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>


typedef struct {
    ngx_flag_t                      enable;

    ngx_ssl_t                       ssl;

    ngx_flag_t                      prefer_server_ciphers;
    ngx_flag_t                      early_data;

    ngx_uint_t                      protocols;

    ngx_uint_t                      verify;
    ngx_uint_t                      verify_depth;

    size_t                          buffer_size;

    ssize_t                         builtin_session_cache;

    time_t                          session_timeout;

    ngx_array_t                    *certificates;
    ngx_array_t                    *certificate_keys;

    ngx_array_t                    *certificate_values;
    ngx_array_t                    *certificate_key_values;

    ngx_str_t                       dhparam;
    ngx_str_t                       ecdh_curve;
    ngx_str_t                       client_certificate;
    ngx_str_t                       trusted_certificate;
    ngx_str_t                       crl;

    ngx_str_t                       ciphers;

    ngx_array_t                    *passwords;

    ngx_shm_zone_t                 *shm_zone;

    ngx_flag_t                      session_tickets;
    ngx_array_t                    *session_ticket_keys;

    ngx_flag_t                      stapling;
    ngx_flag_t                      stapling_verify;
    ngx_str_t                       stapling_file;
    ngx_str_t                       stapling_responder;

    u_char                         *file;
    ngx_uint_t                      line;
} ngx_http_ssl_srv_conf_t;


extern ngx_module_t  ngx_http_ssl_module;


#endif /* _NGX_HTTP_SSL_H_INCLUDED_ */