Event pipe: disabled c->read->available checking for SSL.

In SSL connections, data can be buffered by the SSL layer, and it is wrong to avoid doing c->recv_chain() if c->read->available is 0 and c->read->pending_eof is set. And tests show that the optimization in question indeed can result in incorrect detection of premature connection close if upstream closes the connection without sending a close notify alert at the same time. Fix is to disable c->read->available optimization for SSL connections.
author: Maxim Dounin <mdounin@mdounin.ru> 2019-10-17 16:02:03 +0300
committer: Maxim Dounin <mdounin@mdounin.ru> 2019-10-17 16:02:03 +0300
commit: 60609f2372f62628191bf01ed856a46cd488921b (patch)
tree: 4ce6f5cfca54d0762e8d10f34465411143abcd4f /src
parent: 3c84e4b70584b78e6a34a3233465cfa99d26b107 (diff)
download: nginx-60609f2372f62628191bf01ed856a46cd488921b.tar.gz
nginx-60609f2372f62628191bf01ed856a46cd488921b.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/src/event/ngx_event_pipe.c b/src/event/ngx_event_pipe.c
index da7c4ee7f..531b13aad 100644
--- a/src/event/ngx_event_pipe.c
+++ b/src/event/ngx_event_pipe.c
@@ -172,7 +172,11 @@ ngx_event_pipe_read_upstream(ngx_event_pipe_t *p)
              */
 
             if (p->upstream->read->available == 0
-                && p->upstream->read->pending_eof)
+                && p->upstream->read->pending_eof
+#if (NGX_SSL)
+                && !p->upstream->ssl
+#endif
+                )
             {
                 p->upstream->read->ready = 0;
                 p->upstream->read->eof = 1;
author	Maxim Dounin <mdounin@mdounin.ru>	2019-10-17 16:02:03 +0300
committer	Maxim Dounin <mdounin@mdounin.ru>	2019-10-17 16:02:03 +0300
commit	60609f2372f62628191bf01ed856a46cd488921b (patch)
tree	4ce6f5cfca54d0762e8d10f34465411143abcd4f /src
parent	3c84e4b70584b78e6a34a3233465cfa99d26b107 (diff)
download	nginx-60609f2372f62628191bf01ed856a46cd488921b.tar.gz nginx-60609f2372f62628191bf01ed856a46cd488921b.zip