[nginx] svn commit: r5023 - trunk/src/event
vbart at nginx.com
vbart at nginx.com
Mon Jan 28 15:40:25 UTC 2013
Author: vbart
Date: 2013-01-28 15:40:25 +0000 (Mon, 28 Jan 2013)
New Revision: 5023
URL: http://trac.nginx.org/nginx/changeset/5023/nginx
Log:
SSL: avoid calling SSL_write() with zero data size.
According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.
We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.
In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
Modified:
trunk/src/event/ngx_event_openssl.c
Modified: trunk/src/event/ngx_event_openssl.c
===================================================================
--- trunk/src/event/ngx_event_openssl.c 2013-01-28 15:38:36 UTC (rev 5022)
+++ trunk/src/event/ngx_event_openssl.c 2013-01-28 15:40:25 UTC (rev 5023)
@@ -1213,6 +1213,12 @@
size = buf->last - buf->pos;
+ if (size == 0) {
+ buf->flush = 0;
+ c->buffered &= ~NGX_SSL_BUFFERED;
+ return in;
+ }
+
n = ngx_ssl_write(c, buf->pos, size);
if (n == NGX_ERROR) {
More information about the nginx-devel
mailing list