openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 nginx-forum at forum.nginx.org
Sun Mar 22 18:39:06 UTC 2020


How about this as this catches all 3 while conditions:

+++ src/event/ngx_event_openssl.c
@@ -2318,

    c->ssl->no_wait_shutdown = 1;
    c->ssl->no_send_shutdown = 1;

    if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) {
        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
                       "peer shutdown SSL cleanly");
        return NGX_DONE;
    }

+    /* https://forum.nginx.org/read.php?2,287377  */
+    /* https://github.com/openssl/openssl/issues/11381  */
+#ifdef SSL_R_UNEXPECTED_EOF_WHILE_READING
+    if (sslerr == SSL_ERROR_SSL && ERR_GET_REASON(ERR_peek_error())
+                   == SSL_R_UNEXPECTED_EOF_WHILE_READING) {
+        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                       "ssl3_read_n:unexpected eof while reading");
+        return NGX_DONE;
+    }
+#endif
+
    ngx_ssl_connection_error(c, sslerr, err, "SSL_read() failed");

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,287377,287420#msg-287420



More information about the nginx mailing list