Mercurial > hg > nginx

changeset 8655:f596a4e5794b quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: disabling bidirectional SSL shutdown earlier. Notably, this fixes an issue with Chrome that can emit a "certificate_unknown" alert during the SSL handshake where c->ssl->no_wait_shutdown is not yet set.
author Sergey Kandaurov <pluknet@nginx.com>
date Sun, 06 Dec 2020 14:24:38 +0000
parents 9ebeed8cd1b8
children 43f3574b3e6f
files src/event/ngx_event_quic.c
diffstat 1 files changed, 2 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -1563,6 +1563,8 @@ ngx_quic_init_connection(ngx_connection_
         return NGX_ERROR;
     }
 
+    c->ssl->no_wait_shutdown = 1;
+
     ssl_conn = c->ssl->connection;
 
     if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
@@ -3726,7 +3728,6 @@ ngx_quic_crypto_input(ngx_connection_t *
                    "quic handshake completed successfully");
 
     c->ssl->handshaked = 1;
-    c->ssl->no_wait_shutdown = 1;
 
     frame = ngx_quic_alloc_frame(c, 0);
     if (frame == NULL) {