diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2007-12-20 13:04:20 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2007-12-20 13:04:20 +0000 |
| commit | fc28270ac2dca42f86c9d16209592d719b686d68 (patch) | |
| tree | 4249b13abd38d271bdfffb9b89be85120fab7080 /src | |
| parent | 94b3ea319b25d81497218b90e8515d42881ca4c5 (diff) | |
| download | nginx-fc28270ac2dca42f86c9d16209592d719b686d68.tar.gz nginx-fc28270ac2dca42f86c9d16209592d719b686d68.zip | |
cleaning stale global SSL error
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/ngx_event_openssl.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index e4f92148f..32060cd3d 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -22,6 +22,7 @@ static void ngx_ssl_read_handler(ngx_event_t *rev); static void ngx_ssl_shutdown_handler(ngx_event_t *ev); static void ngx_ssl_connection_error(ngx_connection_t *c, int sslerr, ngx_err_t err, char *text); +static void ngx_ssl_clear_error(ngx_log_t *log); static ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data); @@ -404,6 +405,8 @@ ngx_ssl_handshake(ngx_connection_t *c) int n, sslerr; ngx_err_t err; + ngx_ssl_clear_error(c->log); + n = SSL_do_handshake(c->ssl->connection); ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); @@ -605,6 +608,8 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size) bytes = 0; + ngx_ssl_clear_error(c->log); + /* * SSL_read() may return data in parts, so try to read * until SSL_read() would return no data @@ -895,6 +900,8 @@ ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size) int n, sslerr; ngx_err_t err; + ngx_ssl_clear_error(c->log); + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL to write: %d", size); n = SSL_write(c->ssl->connection, data, size); @@ -998,6 +1005,8 @@ ngx_ssl_shutdown(ngx_connection_t *c) SSL_set_shutdown(c->ssl->connection, mode); + ngx_ssl_clear_error(c->log); + n = SSL_shutdown(c->ssl->connection); ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n); @@ -1116,6 +1125,15 @@ ngx_ssl_connection_error(ngx_connection_t *c, int sslerr, ngx_err_t err, } +static void +ngx_ssl_clear_error(ngx_log_t *log) +{ + if (ERR_peek_error()) { + ngx_ssl_error(NGX_LOG_ALERT, log, 0, "ignoring stale global SSL error"); + } +} + + void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err, char *fmt, ...) { |