mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-07 17:52:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

SSL: avoid calling SSL_write() with zero data size.

Browse Source 
According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.

We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.

In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
This commit is contained in:
Valentin Bartenev 2013-01-28 15:40:25 +00:00
parent f98b1d2561
commit 0f0fac70a1
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/event/ngx_event_openssl.c
View File

@ -1213,6 +1213,12 @@ ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit)
size = buf->last - buf->pos;
if (size == 0) {
buf->flush = 0;
c->buffered &= ~NGX_SSL_BUFFERED;
return in;
}
n = ngx_ssl_write(c, buf->pos, size);
if (n == NGX_ERROR) {