SSL proxy corruption
Igor Sysoev is at rambler-co.ru
Sat Mar 31 23:50:01 MSD 2007
On Fri, Mar 23, 2007 at 08:17:49PM -0500, Nicholas Riley wrote:
> I am attempting to set up nginx for load balancing. HTTP works fine,
> but I'm intermittently getting corrupted output back from HTTPS. The
> responses contain garbage after the actual end of the document. There
> appears to be some randomness/timing to this; the amount of garbage as
> well as its contents varies. In addition to Web browsers I can
> replicate this with "openssl s_client" using a single HTTP 1.0
> request, no keep-alive or anything.
>
> The load balancing machine is running nginx 0.5.14 on OpenBSD. The
> balanced servers are Apache 2.2.3 and 2.0.54 on Linux.
>
> Here is a minimal nginx.conf which demonstrates the problem:
>
> worker_processes 1;
> error_log /var/log/nginx-error.log;
>
> events {
>     worker_connections 1024;
> }
>
> http {
>     upstream acm-ssl {
>         server 172.22.32.80:443;
>     }
>
>     server {
>         listen 443;
>         server_name www-s.acm.uiuc.edu;
>         ssl on;
>         ssl_certificate /etc/nginx/www-s.acm.uiuc.edu.crt;
>         ssl_certificate_key /etc/nginx/www-s.acm.uiuc.edu.key;
>         keepalive_timeout 70;
>
>         location / {
>             proxy_set_header Host $host;
>             proxy_set_header X-Real-IP $remote_addr;
>             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>             proxy_pass https://acm-ssl;
>         }
>     }
> }
>
> (And yes, I realize encrypting twice is wasteful; unfortunately we
> don't yet have the ability to secure the network connection so we need
> to do it this way.)
The attached patch should fix the bug.
--
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/event/ngx_event_openssl.c
===================================================================
--- src/event/ngx_event_openssl.c (revision 473)
+++ src/event/ngx_event_openssl.c (revision 474)
@@ -547,22 +547,32 @@
ssize_t
ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl)
{
+ u_char *last;
ssize_t n, bytes;
ngx_buf_t *b;
bytes = 0;
- while (cl) {
- b = cl->buf;
+ b = cl->buf;
+ last = b->last;
- n = ngx_ssl_recv(c, b->last, b->end - b->last);
+ for ( ;; ) {
+ n = ngx_ssl_recv(c, last, b->end - last);
+
if (n > 0) {
- b->last += n;
+ last += n;
bytes += n;
- if (b->last == b->end) {
+ if (last == b->end) {
cl = cl->next;
+
+ if (cl == NULL) {
+ return bytes;
+ }
+
+ b = cl->buf;
+ last = b->last;
}
continue;
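Review bot: every caller of ngx_ssl_recv_chain must now advance `b->last` itself by the returned byte count, because this hunk stops writing `b->last` inside the function (`b->last += n;` becomes `last += n;` on a local) and reports progress only through the return value; a caller that already advanced the buffers by the return value would previously have moved `b->last` twice, past the bytes actually received, which is consistent with the trailing garbage in the report, so please check that all callers follow the same contract. A smaller point: `b = cl->buf;` now dereferences `cl` before any check, whereas the old `while (cl)` tolerated an empty chain; either keep a guard such as `if (cl == NULL) { return 0; }` or document that callers never pass an empty chain.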
@@ -574,8 +584,6 @@
return n;
}
-
- return bytes;
}
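Review bot: dropping the trailing `return bytes;` is correct only because the new `for ( ;; )` contains no `break`, so the function's only exits are the `return bytes;` inside the loop and the `return n;` visible here; a later `break` would fall off the end of a non-void function, so a short comment after the loop stating that it exits only via return would make the invariant explicit. The context shows only `return n;`; please confirm that the path returning accumulated `bytes` when a later read yields NGX_AGAIN (not visible in this hunk) still precedes it, otherwise data already copied into the chain would be reported as an error.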
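The reporter replicated the problem with a single HTTP/1.0 request through `openssl s_client` and saw varying amounts of garbage after the end of the document. The following is an added check, written for this page and not part of the original message or of nginx, that automates that observation: it issues the same kind of request (the live path assumes an `openssl` binary on PATH and a host name you supply) and then inspects the raw response, treating any bytes beyond the declared Content-Length as the corruption being reported and hashing the declared body so repeated fetches can be compared. The sample responses at the bottom are constructed, not captured from the reporter's servers.

```python
"""Check an HTTP/1.0 response for bytes beyond its declared Content-Length.

Added example for the nginx SSL proxy corruption report; not nginx code.
"""
import hashlib
import subprocess
from dataclasses import dataclass
from typing import Optional


@dataclass
class BodyCheck:
    status_line: str
    content_length: Optional[int]  # None when the server sent no Content-Length
    body_length: int               # bytes actually received after the headers
    trailing: bytes                # bytes beyond Content-Length (empty if clean)
    body_sha256: str               # digest of the declared body, for comparing runs

    @property
    def corrupted(self) -> bool:
        return bool(self.trailing)


def split_response(raw: bytes):
    """Split raw HTTP response bytes into (status line, headers dict, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end of headers found")
    lines = head.split(b"\r\n")
    status = lines[0].decode("latin-1")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return status, headers, body


def check_response(raw: bytes) -> BodyCheck:
    """Report how many body bytes arrived beyond the declared Content-Length."""
    status, headers, body = split_response(raw)
    length = headers.get("content-length")
    if length is None:
        # Without Content-Length there is no declared end to check against.
        return BodyCheck(status, None, len(body), b"", hashlib.sha256(body).hexdigest())
    n = int(length)
    declared, trailing = body[:n], body[n:]
    return BodyCheck(status, n, len(body), trailing, hashlib.sha256(declared).hexdigest())


def fetch_via_s_client(host: str, port: int = 443, path: str = "/", timeout: int = 30) -> bytes:
    """Live path (not exercised offline): one HTTP/1.0 request over openssl s_client.

    -quiet suppresses the certificate chatter on stdout and keeps s_client
    reading until the server closes, which Connection: close asks for.
    """
    request = f"GET {path} HTTP/1.0\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    proc = subprocess.run(
        ["openssl", "s_client", "-quiet", "-connect", f"{host}:{port}", "-servername", host],
        input=request, capture_output=True, timeout=timeout, check=False)
    return proc.stdout


# Constructed sample responses (assumed shapes, not captured from real servers).
CLEAN = (b"HTTP/1.1 200 OK\r\nContent-Length: 12\r\nContent-Type: text/plain\r\n\r\n"
         b"hello world\n")
GARBLED = CLEAN + b"\x00\x7f<html>stale buffer bytes"

if __name__ == "__main__":
    for raw in (CLEAN, GARBLED):
        r = check_response(raw)
        print(r.status_line, "declared", r.content_length, "got", r.body_length,
              "trailing", len(r.trailing), "CORRUPTED" if r.corrupted else "ok")
```

Run `check_response(fetch_via_s_client("www-s.example.test"))` a few times against a proxy under test; a clean proxy yields `trailing == b""` and a stable `body_sha256`, while the behaviour in the report shows up as a non-empty, varying `trailing` with the same declared-body digest.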