SSL: avoid reading on pending SSL_write_early_data().

If SSL_write_early_data() returned SSL_ERROR_WANT_WRITE, stop further reading using a newly introduced c->ssl->write_blocked flag, as otherwise this would result in SSL error "ssl3_write_bytes:bad length". Eventually, normal reading will be restored by read event posted from successful SSL_write_early_data(). While here, place "SSL_write_early_data: want write" debug on the path.
author: Sergey Kandaurov <pluknet@nginx.com> 2018-12-18 15:15:15 +0300
committer: Sergey Kandaurov <pluknet@nginx.com> 2018-12-18 15:15:15 +0300
commit: 2a11bf0f77358a1116b3ef56c949b242582e798c (patch)
tree: 890eb26816e52c4b5b9bf0aa9c76abdb3dac9716 /src/event/ngx_event_openssl.h
parent: ce4a23d144762cfa27c0e4b13f74cada2f7486a8 (diff)
download: nginx-2a11bf0f77358a1116b3ef56c949b242582e798c.tar.gz
nginx-2a11bf0f77358a1116b3ef56c949b242582e798c.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index abd84ccf0..9ec001d09 100644
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -98,6 +98,7 @@ struct ngx_ssl_connection_s {
     unsigned                    try_early_data:1;
     unsigned                    in_early:1;
     unsigned                    early_preread:1;
+    unsigned                    write_blocked:1;
 };
author	Sergey Kandaurov <pluknet@nginx.com>	2018-12-18 15:15:15 +0300
committer	Sergey Kandaurov <pluknet@nginx.com>	2018-12-18 15:15:15 +0300
commit	2a11bf0f77358a1116b3ef56c949b242582e798c (patch)
tree	890eb26816e52c4b5b9bf0aa9c76abdb3dac9716 /src/event/ngx_event_openssl.h
parent	ce4a23d144762cfa27c0e4b13f74cada2f7486a8 (diff)
download	nginx-2a11bf0f77358a1116b3ef56c949b242582e798c.tar.gz nginx-2a11bf0f77358a1116b3ef56c949b242582e798c.tar.bz2