[nginx] SSL: logging level of "bad record type" errors.
Sergey Kandaurov
pluknet at nginx.com
Thu Sep 1 16:57:32 UTC 2022
details: https://hg.nginx.org/nginx/rev/9cf231508a8d
branches:
changeset: 8063:9cf231508a8d
user: Murilo Andrade <murilo.b.andrade at gmail.com>
date: Tue Aug 09 17:13:46 2022 -0300
description:
SSL: logging level of "bad record type" errors.
The SSL_R_BAD_RECORD_TYPE ("bad record type") errors are reported by
OpenSSL 1.1.1 or newer when using TLSv1.3 if the client sends a record
with unknown or unexpected type. These errors are now logged at the
"info" level.
diffstat:
src/event/ngx_event_openssl.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diffs (13 lines):
diff -r 6e818b00ee32 -r 9cf231508a8d src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Tue Aug 30 01:52:51 2022 +0300
+++ b/src/event/ngx_event_openssl.c Tue Aug 09 17:13:46 2022 -0300
@@ -3423,6 +3423,9 @@ ngx_ssl_connection_error(ngx_connection_
#ifdef SSL_R_VERSION_TOO_LOW
|| n == SSL_R_VERSION_TOO_LOW /* 396 */
#endif
+#ifdef SSL_R_BAD_RECORD_TYPE
+ || n == SSL_R_BAD_RECORD_TYPE /* 443 */
+#endif
|| n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */
#ifdef SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE
|| n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */
More information about the nginx-devel
mailing list