With this change, behaviour of ngx_ssl_recv() now matches ngx_unix_recv(),
which used to always reset c->read->ready to 0 when returning errors.
This fixes an infinite loop in unbuffered SSL proxying if writing to the
client is blocked and an SSL error happens (ticket #2418).
With this change, the fix for a similar issue in the stream module
(6868:
ee3645078759), which used a different approach of explicitly
testing c->read->error instead, is no longer needed and was reverted.
#endif
if (c->ssl->last == NGX_ERROR) {
+ c->read->ready = 0;
c->read->error = 1;
return NGX_ERROR;
}
#if (NGX_HAVE_FIONREAD)
if (ngx_socket_nread(c->fd, &c->read->available) == -1) {
+ c->read->ready = 0;
c->read->error = 1;
ngx_connection_error(c, ngx_socket_errno,
ngx_socket_nread_n " failed");
return 0;
case NGX_ERROR:
+ c->read->ready = 0;
c->read->error = 1;
/* fall through */
size_t readbytes;
if (c->ssl->last == NGX_ERROR) {
+ c->read->ready = 0;
c->read->error = 1;
return NGX_ERROR;
}
return 0;
case NGX_ERROR:
+ c->read->ready = 0;
c->read->error = 1;
/* fall through */
size = b->end - b->last;
- if (size && src->read->ready && !src->read->delayed
- && !src->read->error)
- {
+ if (size && src->read->ready && !src->read->delayed) {
+
if (limit_rate) {
limit = (off_t) limit_rate * (ngx_time() - u->start_sec + 1)
- *received;
projects / nginx.git / commitdiff