Fwd: 1.17.5 regression

Maksim Yevmenkin maksim.yevmenkin at gmail.com
Thu Dec 19 17:01:10 UTC 2019 

hello,

[...]

> > > > Thanks for the report, it indeed looks like a bug introduced
> > > > in 9d2ad2fb4423.
> > > >
> > > > The problem is that c->read->handler is overwritted when switching
> > > > to the next pipelined request, ngx_ssl_next_read_handler() is not
> > > > called, and c->read->ready remains not set.  I'll take a look how
> > > > to fix it properly.
> > >
> > > Thanks for having a look.
> > >
> > > Please keep me updated when the fix gets applied.

[...]

> Not really.  I meant the workaround in question won't work on
> systems with kqueue.  The problem itself is present with kqueue as
> well.

i suspect there is another instance of the same problem. it manifests
itself when nginx is reading reueqst over https, i.e. ngx_ssl_recv()
is interacting with ngx_http_process_request_line() and friends.
rev->handler gets overwritten, and, ngx_ssl_next_read_handler() never
gets called.

i wonder if SSL_pending(3) can be of value here, i.e.

==

@@ -2116,7 +2116,7 @@ ngx_ssl_recv_chain(ngx_connection_t *c,
ngx_chain_t *cl, off_t limit)
 ssize_t
 ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size)
 {
-    int  n, bytes;
+    int  n, bytes, pending;

 #ifdef SSL_READ_EARLY_DATA_SUCCESS
     if (c->ssl->in_early) {
@@ -2147,8 +2147,9 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf,
size_t size)
     for ( ;; ) {

         n = SSL_read(c->ssl->connection, buf, size);
+        pending = SSL_pending(c->ssl->connection);

-        ngx_log_debug1(NGX_LOG_DEBUG_SSL, c->log, 0, "SSL_read: %d", n);
+        ngx_log_debug2(NGX_LOG_DEBUG_SSL, c->log, 0, "SSL_read: %d,
pending: %d", n, pending);

         if (n > 0) {
             bytes += n;
@@ -2161,8 +2162,13 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf,
size_t size)
             size -= n;

             if (size == 0) {
-                c->read->ready = 1;
+                c->read->available = pending;
+                c->read->ready = !!(pending > 0);

+                ngx_log_debug1(NGX_LOG_DEBUG_SSL, c->log, 0,
+                               "SSL_read: avail:%d", c->read->available);
+

+#if 0
                 if (c->read->available >= 0) {
                     c->read->available -= bytes;

@@ -2203,6 +2209,7 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf,
size_t size)

 #endif
                 }
+#endif

                 return bytes;
             }

===

thanks
max

More information about the nginx-devel mailing list