[PATCH] QUIC: improved ssl_reject_handshake error logging
Roman Arutyunyan
arut at nginx.com
Tue Feb 21 11:58:05 UTC 2023
On Mon, Feb 20, 2023 at 07:37:04PM +0400, Sergey Kandaurov wrote:
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1676907370 -14400
> # Mon Feb 20 19:36:10 2023 +0400
> # Branch quic
> # Node ID 60b9d9ef878cc87d8a18e968b4f9122534a7deb8
> # Parent ed403c1fe1f060ee362155bb00c43aaab356e30f
> QUIC: improved ssl_reject_handshake error logging.
>
> The check follows the ngx_ssl_handshake() change in 59e1c73fe02b.
>
> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> --- a/src/event/quic/ngx_event_quic_ssl.c
> +++ b/src/event/quic/ngx_event_quic_ssl.c
> @@ -422,8 +422,17 @@ ngx_quic_crypto_input(ngx_connection_t *
> sslerr);
>
> if (sslerr != SSL_ERROR_WANT_READ) {
> +
> + qc->error_reason = "handshake failed";
> +
> + if (c->ssl->handshake_rejected) {
> + ngx_connection_error(c, 0, "handshake rejected");
> + ERR_clear_error();
> +
> + return NGX_ERROR;
> + }
> +
> ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed");
> - qc->error_reason = "handshake failed";
> return NGX_ERROR;
> }
> }
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel
Looks ok
More information about the nginx-devel
mailing list