[nginx] SSL: disabled sending shutdown after ngx_http_test_reading().
Maxim Dounin
mdounin at mdounin.ru
Mon Aug 10 15:55:59 UTC 2020
details: https://hg.nginx.org/nginx/rev/45764bca69b0
branches:
changeset: 7696:45764bca69b0
user: Maxim Dounin <mdounin at mdounin.ru>
date: Mon Aug 10 18:52:34 2020 +0300
description:
SSL: disabled sending shutdown after ngx_http_test_reading().
Sending shutdown when ngx_http_test_reading() detects the connection is
closed can result in "SSL_shutdown() failed (SSL: ... bad write retry)"
critical log messages if there are blocked writes.
Fix is to avoid sending shutdown via the c->ssl->no_send_shutdown flag,
similarly to how it is done in ngx_http_keepalive_handler() for kqueue
when pending EOF is detected.
Reported by Jan Prachař
(http://mailman.nginx.org/pipermail/nginx-devel/2018-December/011702.html).
diffstat:
src/http/ngx_http_request.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diffs (16 lines):
diff -r d57f15922ca3 -r 45764bca69b0 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c Mon Aug 10 18:52:20 2020 +0300
+++ b/src/http/ngx_http_request.c Mon Aug 10 18:52:34 2020 +0300
@@ -2992,6 +2992,12 @@ closed:
rev->error = 1;
}
+#if (NGX_HTTP_SSL)
+ if (c->ssl) {
+ c->ssl->no_send_shutdown = 1;
+ }
+#endif
+
ngx_log_error(NGX_LOG_INFO, c->log, err,
"client prematurely closed connection");
More information about the nginx-devel
mailing list