Welcome! Log In Create A New Profile

Advanced

[nginx] svn commit: r5023 - trunk/src/event

Previous Message Next Message
Forum List Message List New Topic Print View
Anonymous User
January 28, 2013 10:42AM
Author: vbart
Date: 2013-01-28 15:40:25 +0000 (Mon, 28 Jan 2013)
New Revision: 5023
URL: http://trac.nginx.org/nginx/changeset/5023/nginx

Log:
SSL: avoid calling SSL_write() with zero data size.

According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.

We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.

In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.



Modified:
trunk/src/event/ngx_event_openssl.c

Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c 2013-01-28 15:38:36 UTC (rev 5022)
+++ trunk/src/event/ngx_event_openssl.c 2013-01-28 15:40:25 UTC (rev 5023)
@@ -1213,6 +1213,12 @@

size = buf->last - buf->pos;

+ if (size == 0) {
+ buf->flush = 0;
+ c->buffered &= ~NGX_SSL_BUFFERED;
+ return in;
+ }
+
n = ngx_ssl_write(c, buf->pos, size);

if (n == NGX_ERROR) {

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[nginx] svn commit: r5023 - trunk/src/event

Anonymous User 668 January 28, 2013 10:42AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 168
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready