NGINX TLS Behavior
Sergey Kandaurov
pluknet at nginx.com
Wed Dec 26 12:23:52 UTC 2018
> On 26 Dec 2018, at 14:56, bhaktaonline <nginx-forum at forum.nginx.org> wrote:
>
> Thanks for the quick response, Sergey,
>
> I set:
> postpone_output 200;
>
> killed/restarted the server
>
> this should have postponed writing output until 200 bytes is available. The
> HTTP header is 244 bytes and it should have triggered an output.. I however
> still see on single TLS record which has both header and data:
>
> Any suggestions?
Ok, that's due to SSL buffering in nginx that isn't configurable.
You can turn it off though by recompiling with this patch.
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -725,7 +725,7 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx,
ngx_http_ssl_module);
- if (ngx_ssl_create_connection(&sscf->ssl, c, NGX_SSL_BUFFER)
+ if (ngx_ssl_create_connection(&sscf->ssl, c, 0)
!= NGX_OK)
{
ngx_http_close_connection(c);
--
Sergey Kandaurov
More information about the nginx
mailing list