mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-06 17:02:39 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Proper SSL shutdown handling.

Browse Source 
If connection has unsent alerts, SSL_shutdown() tries to send them even
if SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN) was used.
This can be prevented by SSL_set_quiet_shutdown().  SSL_set_shutdown()
is required nevertheless to preserve session.
This commit is contained in:
Maxim Dounin 2011-09-01 13:49:36 +00:00
parent 09be2f18c5
commit a9e3c65d22
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/event/ngx_event_openssl.c
View File

@ -1205,6 +1205,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)
if (c->timedout) { if (c->timedout) {
mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;
SSL_set_quiet_shutdown(c->ssl->connection, 1);
} else { } else {
mode = SSL_get_shutdown(c->ssl->connection); mode = SSL_get_shutdown(c->ssl->connection);
@ -1216,6 +1217,10 @@ ngx_ssl_shutdown(ngx_connection_t *c)
if (c->ssl->no_send_shutdown) { if (c->ssl->no_send_shutdown) {
mode |= SSL_SENT_SHUTDOWN; mode |= SSL_SENT_SHUTDOWN;
} }
if (c->ssl->no_wait_shutdown && c->ssl->no_send_shutdown) {
SSL_set_quiet_shutdown(c->ssl->connection, 1);
}
} }
SSL_set_shutdown(c->ssl->connection, mode); SSL_set_shutdown(c->ssl->connection, mode);