From e153f4993c62e02f14da07fcf68d8c24ba189d3b Mon Sep 17 00:00:00 2001 From: Sergey Kandaurov Date: Fri, 21 Aug 2020 14:41:42 +0300 Subject: QUIC: disabled bidirectional SSL shutdown after 09fb2135a589. On QUIC connections, SSL_shutdown() is used to call the send_alert callback to send a CONNECTION_CLOSE frame. The reverse side is handled by other means. At least BoringSSL doesn't differentiate whether this is a QUIC SSL method, so waiting for the peer's close_notify alert should be explicitly disabled. --- src/event/ngx_event_quic.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c index 7923c5529..918e8f716 100644 --- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -2918,6 +2918,7 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) "quic handshake completed successfully"); c->ssl->handshaked = 1; + c->ssl->no_wait_shutdown = 1; frame = ngx_quic_alloc_frame(c, 0); if (frame == NULL) { -- cgit