Mercurial > hg > nginx
view src/mail/ngx_mail_ssl_module.h @ 7708:f3c87533f92c
SSL: disabled shutdown after connection errors.
This fixes "SSL_shutdown() failed (SSL: ... bad write retry)" errors
as observed on the second SSL_shutdown() call after SSL shutdown fixes in
09fb2135a589 (1.19.2), notably when sending fails in ngx_http_test_expect(),
similarly to ticket #1194.
Note that there are some places where c->error is misused to prevent
further output, such as ngx_http_v2_finalize_connection() if there
are pending streams, or in filter finalization. These places seem
to be extreme enough to don't care about missing shutdown though.
For example, filter finalization currently prevents keepalive from
being used.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 16 Sep 2020 18:26:24 +0300 |
parents | 7f955d3b9a0d |
children | 3bff3f397c05 |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_MAIL_SSL_H_INCLUDED_ #define _NGX_MAIL_SSL_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_mail.h> #define NGX_MAIL_STARTTLS_OFF 0 #define NGX_MAIL_STARTTLS_ON 1 #define NGX_MAIL_STARTTLS_ONLY 2 typedef struct { ngx_flag_t enable; ngx_flag_t prefer_server_ciphers; ngx_ssl_t ssl; ngx_uint_t starttls; ngx_uint_t listen; ngx_uint_t protocols; ngx_uint_t verify; ngx_uint_t verify_depth; ssize_t builtin_session_cache; time_t session_timeout; ngx_array_t *certificates; ngx_array_t *certificate_keys; ngx_str_t dhparam; ngx_str_t ecdh_curve; ngx_str_t client_certificate; ngx_str_t trusted_certificate; ngx_str_t crl; ngx_str_t ciphers; ngx_array_t *passwords; ngx_shm_zone_t *shm_zone; ngx_flag_t session_tickets; ngx_array_t *session_ticket_keys; u_char *file; ngx_uint_t line; } ngx_mail_ssl_conf_t; extern ngx_module_t ngx_mail_ssl_module; #endif /* _NGX_MAIL_SSL_H_INCLUDED_ */