[nginx] SSL: disabled shutdown when there are buffered data.

Maxim Dounin mdounin at mdounin.ru
Wed Sep 16 21:41:35 UTC 2020


details:   https://hg.nginx.org/nginx/rev/052ecc68d350
branches:  
changeset: 7709:052ecc68d350
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Wed Sep 16 18:26:25 2020 +0300
description:
SSL: disabled shutdown when there are buffered data.

This fixes "SSL_shutdown() failed (SSL: ... bad write retry)" errors
as observed on the second SSL_shutdown() call after SSL shutdown fixes in
09fb2135a589 (1.19.2), notably when HTTP/2 connections are closed due
to read timeouts while there are incomplete writes.

diffstat:

 src/event/ngx_event_openssl.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r f3c87533f92c -r 052ecc68d350 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	Wed Sep 16 18:26:24 2020 +0300
+++ b/src/event/ngx_event_openssl.c	Wed Sep 16 18:26:25 2020 +0300
@@ -2805,7 +2805,7 @@ ngx_ssl_shutdown(ngx_connection_t *c)
         return NGX_OK;
     }
 
-    if (c->timedout || c->error) {
+    if (c->timedout || c->error || c->buffered) {
         mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;
         SSL_set_quiet_shutdown(c->ssl->connection, 1);
 


More information about the nginx-devel mailing list