CERBERUS/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2026-06-25 19:37:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
The official NGINX Open Source repository. https://nginx.org/
6746 commits 23 branches 591 tags 87 MiB
Find a file
Maxim Dounin 82cf625ab5 SSL: workaround for incorrect SSL_write() errors in OpenSSL 1.1.1. 
OpenSSL 1.1.1 fails to return SSL_ERROR_SYSCALL if an error happens
during SSL_write() after close_notify alert from the peer, and returns
SSL_ERROR_ZERO_RETURN instead.  Broken by this commit, which removes
the "i == 0" check around the SSL_RECEIVED_SHUTDOWN one:

https://git.openssl.org/?p=openssl.git;a=commitdiff;h=8051ab2

In particular, if a client closed the connection without reading
the response but with properly sent close_notify alert, this resulted in
unexpected "SSL_write() failed while ..." critical log message instead
of correct "SSL_write() failed (32: Broken pipe)" at the info level.

Since SSL_ERROR_ZERO_RETURN cannot be legitimately returned after
SSL_write(), the fix is to convert all SSL_ERROR_ZERO_RETURN errors
after SSL_write() to SSL_ERROR_SYSCALL.
2020-09-16 18:26:22 +03:00
auto Events: available bytes calculation via ioctl(FIONREAD). 2019-10-17 16:02:19 +03:00
conf MIME: added font/woff2 type (ticket #1243). 2018-06-15 17:29:55 +03:00
contrib Contrib: vim syntax, update core and 3rd party module directives. 2020-05-26 19:17:11 +03:00
docs nginx-1.19.2-RELEASE 2020-08-11 17:52:30 +03:00
misc Updated OpenSSL used for win32 builds. 2020-05-25 22:10:37 +03:00
src SSL: workaround for incorrect SSL_write() errors in OpenSSL 1.1.1. 2020-09-16 18:26:22 +03:00
.hgtags release-1.19.2 tag 2020-08-11 17:52:30 +03:00