# HG changeset patch # User Maxim Dounin # Date 1536595039 -10800 # Node ID 0de0b16a551cd18e09dbca53bf4e29d81cad98e3 # Parent 2b5528023f6b97074de5f75ee099d0b0d7051c54 SSL: corrected SSL_ERROR_WANT_WRITE / SSL_ERROR_WANT_READ logging. While SSL_read() most likely to return SSL_ERROR_WANT_WRITE (and SSL_write() accordingly SSL_ERROR_WANT_READ) during an SSL renegotiation, it is not necessary mean that a renegotiation was started. In particular, it can never happen during a renegotiation or can happen multiple times during a renegotiation. Because of the above, misleading "peer started SSL renegotiation" info messages were replaced with "SSL_read: want write" and "SSL_write: want read" debug ones. Additionally, "SSL write handler" and "SSL read handler" are now logged by the SSL write and read handlers, to make it easier to understand that temporary SSL handlers are called instead of normal handlers. diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -1681,8 +1681,8 @@ ngx_ssl_handle_recv(ngx_connection_t *c, if (sslerr == SSL_ERROR_WANT_WRITE) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "peer started SSL renegotiation"); + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "SSL_read: want write"); c->write->ready = 0; @@ -1724,6 +1724,8 @@ ngx_ssl_write_handler(ngx_event_t *wev) c = wev->data; + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL write handler"); + c->read->handler(c->read); } @@ -1938,8 +1940,8 @@ ngx_ssl_write(ngx_connection_t *c, u_cha if (sslerr == SSL_ERROR_WANT_READ) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "peer started SSL renegotiation"); + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "SSL_write: want read"); c->read->ready = 0; @@ -1977,6 +1979,8 @@ ngx_ssl_read_handler(ngx_event_t *rev) c = rev->data; + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL read handler"); + c->write->handler(c->write); }