Mercurial > hg > nginx

--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -528,10 +528,10 @@ ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_s
         return NGX_ERROR;
     }

+    SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
+
     SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh);

-    SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE);
-
     EC_KEY_free(ecdh);
 #endif
 #endif
@@ -693,6 +693,10 @@ ngx_ssl_handshake(ngx_connection_t *c)
             return NGX_ERROR;
         }

+        if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
         return NGX_AGAIN;
     }

@@ -701,6 +705,10 @@ ngx_ssl_handshake(ngx_connection_t *c)
         c->read->handler = ngx_ssl_handshake_handler;
         c->write->handler = ngx_ssl_handshake_handler;

+        if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
         if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
             return NGX_ERROR;
         }
@@ -1053,8 +1061,8 @@ ngx_ssl_send_chain(ngx_connection_t *c,
         buf->end = buf->start + NGX_SSL_BUFSIZE;
     }

-    send = 0;
-    flush = (in == NULL) ? 1 : 0;
+    send = buf->last - buf->pos;
+    flush = (in == NULL) ? 1 : buf->flush;

     for ( ;; ) {

@@ -1076,7 +1084,6 @@ ngx_ssl_send_chain(ngx_connection_t *c,

             if (send + size > limit) {
                 size = (ssize_t) (limit - send);
-                flush = 1;
             }

             ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
@@ -1093,10 +1100,16 @@ ngx_ssl_send_chain(ngx_connection_t *c,
             }
         }

+        if (!flush && send < limit && buf->last < buf->end) {
+            break;
+        }
+
         size = buf->last - buf->pos;

-        if (!flush && buf->last < buf->end && c->ssl->buffer) {
-            break;
+        if (size == 0) {
+            buf->flush = 0;
+            c->buffered &= ~NGX_SSL_BUFFERED;
+            return in;
         }

         n = ngx_ssl_write(c, buf->pos, size);
@@ -1106,8 +1119,7 @@ ngx_ssl_send_chain(ngx_connection_t *c,
         }

         if (n == NGX_AGAIN) {
-            c->buffered |= NGX_SSL_BUFFERED;
-            return in;
+            break;
         }

         buf->pos += n;
@@ -1117,16 +1129,18 @@ ngx_ssl_send_chain(ngx_connection_t *c,
             break;
         }

-        if (buf->pos == buf->last) {
-            buf->pos = buf->start;
-            buf->last = buf->start;
-        }
+        flush = 0;
+
+        buf->pos = buf->start;
+        buf->last = buf->start;

         if (in == NULL || send == limit) {
             break;
         }
     }

+    buf->flush = flush;
+
     if (buf->pos < buf->last) {
         c->buffered |= NGX_SSL_BUFFERED;