Websocket tunnel broken with existing SSL session
Maxim Dounin
mdounin at mdounin.ru
Thu Jan 16 22:01:11 UTC 2014
Hello!
On Wed, Jan 15, 2014 at 07:30:20PM +0000, Eiríkur Nilsson wrote:
> Hey!
>
> On Wed, Jan 15, 2014 at 4:15 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> >
> >
> > It might be helpfull to see debug log and a tcpdump. See also
> > http://wiki.nginx.org/Debugging for hints.
>
>
> Debug log: http://cl.ly/142F2s2M0b2S
> tcpdump: http://cl.ly/2K3D2F1X0t0n (only contains traffic between iOS and
> nginx)
>
> This reproduction has nginx 1.5.8 running with SSL on port 4443 using
> /dev/poll. It's running on a new-ish smartmachine instance from Joyent. it
> gets two websocket connections:
>
> * The first at 18:43:52 is a new SSL session and works correctly, with
> traffic visible in tcpdump and debug log.
> * Second at 18:45:30 reuses the other SSL session but doesn't work, traffic
> can be seen in tcpdump but not in debug log.
>
> I find it very weird that there isn't a single debug message from nginx
> after it switches protocols for the second connection until I stop the
> nginx after the test is finished. I'm no closer.
Please try the following patch:
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -2565,6 +2565,16 @@ ngx_http_upstream_upgrade(ngx_http_reque
{
ngx_http_upstream_process_upgraded(r, 0, 1);
}
+
+ if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
+ ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
+ return;
+ }
+
+ if (ngx_handle_read_event(u->peer.connection->read, 0) != NGX_OK) {
+ ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
+ return;
+ }
}
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list