# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1622558271 -10800
# Node ID ae70fcb8ac93c3aa53c5add8345dae17e7ec201b
# Parent  0601a4e793bf38691bd75e0cf49be6d1c9bbb9ac
Fixed SSL logging with lingering close.

Recent fixes to SSL shutdown with lingering close (554c6ae25ffc, 1.19.5)
broke logging of SSL variables.  To make sure logging of SSL variables
works properly, avoid freeing c->ssl when doing an SSL shutdown before
lingering close.

Reported by Reinis Rozitis
(http://mailman.nginx.org/pipermail/nginx/2021-May/060670.html).

diff -r 0601a4e793bf -r ae70fcb8ac93 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	Tue Jun 01 17:37:49 2021 +0300
+++ b/src/event/ngx_event_openssl.c	Tue Jun 01 17:37:51 2021 +0300
@@ -3008,6 +3008,12 @@
 
 done:
 
+    if (c->ssl->shutdown_without_free) {
+        c->ssl->shutdown_without_free = 0;
+        c->recv = ngx_recv;
+        return rc;
+    }
+
     SSL_free(c->ssl->connection);
     c->ssl = NULL;
     c->recv = ngx_recv;
diff -r 0601a4e793bf -r ae70fcb8ac93 src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h	Tue Jun 01 17:37:49 2021 +0300
+++ b/src/event/ngx_event_openssl.h	Tue Jun 01 17:37:51 2021 +0300
@@ -100,6 +100,7 @@
     unsigned                    buffer:1;
     unsigned                    no_wait_shutdown:1;
     unsigned                    no_send_shutdown:1;
+    unsigned                    shutdown_without_free:1;
     unsigned                    handshake_buffer_set:1;
     unsigned                    try_early_data:1;
     unsigned                    in_early:1;
diff -r 0601a4e793bf -r ae70fcb8ac93 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c	Tue Jun 01 17:37:49 2021 +0300
+++ b/src/http/ngx_http_request.c	Tue Jun 01 17:37:51 2021 +0300
@@ -3398,6 +3398,8 @@
     if (c->ssl) {
         ngx_int_t  rc;
 
+        c->ssl->shutdown_without_free = 1;
+
         rc = ngx_ssl_shutdown(c);
 
         if (rc == NGX_ERROR) {