Welcome! Log In Create A New Profile

[nginx] Event pipe: disabled c->read->available checking for SSL.

Forum List Message List New Topic Print View

Maxim Dounin

October 17, 2019 09:08AM

details: https://hg.nginx.org/nginx/rev/afceb32f3a8a
branches:
changeset: 7581:afceb32f3a8a
user: Maxim Dounin <mdounin@mdounin.ru>
date: Thu Oct 17 16:02:03 2019 +0300
description:
Event pipe: disabled c->read->available checking for SSL.

In SSL connections, data can be buffered by the SSL layer, and it is
wrong to avoid doing c->recv_chain() if c->read->available is 0 and
c->read->pending_eof is set. And tests show that the optimization in
question indeed can result in incorrect detection of premature connection
close if upstream closes the connection without sending a close notify
alert at the same time. Fix is to disable c->read->available optimization
for SSL connections.

diffstat:

src/event/ngx_event_pipe.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)

diffs (16 lines):

diff --git a/src/event/ngx_event_pipe.c b/src/event/ngx_event_pipe.c
--- a/src/event/ngx_event_pipe.c
+++ b/src/event/ngx_event_pipe.c
@@ -172,7 +172,11 @@ ngx_event_pipe_read_upstream(ngx_event_p
*/

if (p->upstream->read->available == 0
- && p->upstream->read->pending_eof)
+ && p->upstream->read->pending_eof
+#if (NGX_SSL)
+ && !p->upstream->ssl
+#endif
+ )
{
p->upstream->read->ready = 0;
p->upstream->read->eof = 1;
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[nginx] Event pipe: disabled c->read->available checking for SSL.	Maxim Dounin	227	October 17, 2019 09:08AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 289

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018