Mercurial > hg > nginx
changeset 4064:5b776ad53c3c
Proper SSL shutdown handling.
If connection has unsent alerts, SSL_shutdown() tries to send them even
if SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN) was used.
This can be prevented by SSL_set_quiet_shutdown(). SSL_set_shutdown()
is required nevertheless to preserve session.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 01 Sep 2011 13:49:36 +0000 |
parents | 8d70904b6c48 |
children | 227a819b46db |
files | src/event/ngx_event_openssl.c |
diffstat | 1 files changed, 5 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c Thu Sep 01 13:03:55 2011 +0000 +++ b/src/event/ngx_event_openssl.c Thu Sep 01 13:49:36 2011 +0000 @@ -1205,6 +1205,7 @@ if (c->timedout) { mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; + SSL_set_quiet_shutdown(c->ssl->connection, 1); } else { mode = SSL_get_shutdown(c->ssl->connection); @@ -1216,6 +1217,10 @@ if (c->ssl->no_send_shutdown) { mode |= SSL_SENT_SHUTDOWN; } + + if (c->ssl->no_wait_shutdown && c->ssl->no_send_shutdown) { + SSL_set_quiet_shutdown(c->ssl->connection, 1); + } } SSL_set_shutdown(c->ssl->connection, mode);