Welcome! Log In Create A New Profile

Advanced

[nginx] SSL: fixed SSL shutdown on lingering close.

December 07, 2020 05:46PM
details: https://hg.nginx.org/nginx/rev/7efae6b4cfb0
branches:
changeset: 7751:7efae6b4cfb0
user: Ruslan Ermilov <ru@nginx.com>
date: Tue Dec 08 01:43:36 2020 +0300
description:
SSL: fixed SSL shutdown on lingering close.

Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.

The bug had appeared in 554c6ae25ffc.

diffstat:

src/event/ngx_event_openssl.c | 4 ++++
src/http/ngx_http_request.c | 2 --
src/http/v2/ngx_http_v2.c | 2 --
3 files changed, 4 insertions(+), 4 deletions(-)

diffs (59 lines):

diff -r 90cc7194e993 -r 7efae6b4cfb0 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Fri Nov 27 00:01:20 2020 +0300
+++ b/src/event/ngx_event_openssl.c Tue Dec 08 01:43:36 2020 +0300
@@ -2880,6 +2880,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)

SSL_free(c->ssl->connection);
c->ssl = NULL;
+ c->recv = ngx_recv;

return NGX_OK;
}
@@ -2925,6 +2926,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)
if (n == 1) {
SSL_free(c->ssl->connection);
c->ssl = NULL;
+ c->recv = ngx_recv;

return NGX_OK;
}
@@ -2967,6 +2969,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)
if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) {
SSL_free(c->ssl->connection);
c->ssl = NULL;
+ c->recv = ngx_recv;

return NGX_OK;
}
@@ -2977,6 +2980,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)

SSL_free(c->ssl->connection);
c->ssl = NULL;
+ c->recv = ngx_recv;

return NGX_ERROR;
}
diff -r 90cc7194e993 -r 7efae6b4cfb0 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c Fri Nov 27 00:01:20 2020 +0300
+++ b/src/http/ngx_http_request.c Tue Dec 08 01:43:36 2020 +0300
@@ -3397,8 +3397,6 @@ ngx_http_set_lingering_close(ngx_connect
c->ssl->handler = ngx_http_set_lingering_close;
return;
}
-
- c->recv = ngx_recv;
}
#endif

diff -r 90cc7194e993 -r 7efae6b4cfb0 src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c Fri Nov 27 00:01:20 2020 +0300
+++ b/src/http/v2/ngx_http_v2.c Tue Dec 08 01:43:36 2020 +0300
@@ -739,8 +739,6 @@ ngx_http_v2_lingering_close(ngx_connecti
c->ssl->handler = ngx_http_v2_lingering_close;
return;
}
-
- c->recv = ngx_recv;
}
#endif

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx] SSL: fixed SSL shutdown on lingering close.

ru@nginx.com 388 December 07, 2020 05:46PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 34
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready