diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2005-12-18 16:02:44 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2005-12-18 16:02:44 +0000 |
| commit | 43f279dc9c57673ffdf6058590ee16f798fb0b24 (patch) | |
| tree | 70f1073e0a266f1888469712709df3817dc2df1b /src/event/ngx_event_openssl.c | |
| parent | d10f2fb86f787f8e5bffd5877f2a0cf72afb1d55 (diff) | |
| download | nginx-release-0.3.17.tar.gz nginx-release-0.3.17.zip | |
nginx-0.3.17-RELEASE importrelease-0.3.17
*) Change: now on Linux configure checks the presence of epoll and
sendfile64() in kernel.
*) Feature: the "map" directive supports domain names in the
".domain.tld" form.
*) Bugfix: the timeouts were not used in SSL handshake; the bug had
appeared in 0.2.4.
*) Bugfix: in the HTTPS protocol in the "proxy_pass" directive.
*) Bugfix: when the HTTPS protocol was used in the "proxy_pass"
directive the port 80 was used by default.
Diffstat (limited to 'src/event/ngx_event_openssl.c')
| -rw-r--r-- | src/event/ngx_event_openssl.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index b343718e4..788463c3d 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -334,6 +334,7 @@ ngx_ssl_handshake(ngx_connection_t *c) if (sslerr == SSL_ERROR_WANT_READ) { c->read->ready = 0; c->read->handler = ngx_ssl_handshake_handler; + c->write->handler = ngx_ssl_handshake_handler; if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) { return NGX_ERROR; @@ -344,6 +345,7 @@ ngx_ssl_handshake(ngx_connection_t *c) if (sslerr == SSL_ERROR_WANT_WRITE) { c->write->ready = 0; + c->read->handler = ngx_ssl_handshake_handler; c->write->handler = ngx_ssl_handshake_handler; if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) { @@ -357,6 +359,7 @@ ngx_ssl_handshake(ngx_connection_t *c) c->ssl->no_wait_shutdown = 1; c->ssl->no_send_shutdown = 1; + c->read->eof = 1; if (sslerr == SSL_ERROR_ZERO_RETURN || ERR_peek_error() == 0) { ngx_log_error(NGX_LOG_INFO, c->log, err, @@ -365,6 +368,8 @@ ngx_ssl_handshake(ngx_connection_t *c) return NGX_ERROR; } + c->read->error = 1; + ngx_ssl_connection_error(c, sslerr, err, "SSL_do_handshake() failed"); return NGX_ERROR; @@ -381,6 +386,11 @@ ngx_ssl_handshake_handler(ngx_event_t *ev) ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL handshake handler: %d", ev->write); + if (ev->timedout) { + c->ssl->handler(c); + return; + } + if (ngx_ssl_handshake(c) == NGX_AGAIN) { return; } @@ -548,6 +558,7 @@ ngx_ssl_handle_recv(ngx_connection_t *c, int n) return NGX_DONE; } + c->read->error = 1; ngx_ssl_connection_error(c, sslerr, err, "SSL_read() failed"); return NGX_ERROR; @@ -773,6 +784,7 @@ ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) c->ssl->no_wait_shutdown = 1; c->ssl->no_send_shutdown = 1; + c->write->error = 1; ngx_ssl_connection_error(c, sslerr, err, "SSL_write() failed"); @@ -795,6 +807,7 @@ ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c) { int n, sslerr, mode; + ngx_err_t err; ngx_uint_t again; if (c->timedout) { @@ -866,7 +879,9 @@ ngx_ssl_shutdown(ngx_connection_t *c) return NGX_AGAIN; } - ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_shutdown() failed"); + err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0; + + ngx_ssl_connection_error(c, sslerr, err, "SSL_shutdown() failed"); SSL_free(c->ssl->connection); c->ssl = NULL; |