diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2020-10-01 12:21:11 +0100 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2020-10-01 12:21:11 +0100 |
| commit | 88cb4d3ab046622b2b71e4d94c583d45e00a56c4 (patch) | |
| tree | a75aca6b6836c224a0030c32569b9cb0d289b417 /src/event | |
| parent | ee4a6024cc0097d8ab29af8441172846de6b0f64 (diff) | |
| parent | 135b707ab02d5921d7e789c231995f0cc11ae4a6 (diff) | |
| download | nginx-88cb4d3ab046622b2b71e4d94c583d45e00a56c4.tar.gz nginx-88cb4d3ab046622b2b71e4d94c583d45e00a56c4.tar.bz2 | |
Merged with the default branch.
Diffstat (limited to 'src/event')
| -rw-r--r-- | src/event/ngx_event_openssl.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 8077f40a9..ca94a68ff 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -2573,6 +2573,18 @@ ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) sslerr = SSL_get_error(c->ssl->connection, n); + if (sslerr == SSL_ERROR_ZERO_RETURN) { + + /* + * OpenSSL 1.1.1 fails to return SSL_ERROR_SYSCALL if an error + * happens during SSL_write() after close_notify alert from the + * peer, and returns SSL_ERROR_ZERO_RETURN instead, + * https://git.openssl.org/?p=openssl.git;a=commitdiff;h=8051ab2 + */ + + sslerr = SSL_ERROR_SYSCALL; + } + err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", sslerr); @@ -2800,7 +2812,7 @@ ngx_ssl_shutdown(ngx_connection_t *c) return NGX_OK; } - if (c->timedout) { + if (c->timedout || c->error || c->buffered) { mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; SSL_set_quiet_shutdown(c->ssl->connection, 1); @@ -2860,6 +2872,13 @@ ngx_ssl_shutdown(ngx_connection_t *c) c->read->handler = ngx_ssl_shutdown_handler; c->write->handler = ngx_ssl_shutdown_handler; + if (sslerr == SSL_ERROR_WANT_READ) { + c->read->ready = 0; + + } else { + c->write->ready = 0; + } + if (ngx_handle_read_event(c->read, 0) != NGX_OK) { return NGX_ERROR; } |