diff options
author | Maxim Dounin <mdounin@mdounin.ru> | 2020-08-10 18:52:34 +0300 |
---|---|---|
committer | Maxim Dounin <mdounin@mdounin.ru> | 2020-08-10 18:52:34 +0300 |
commit | eae2b2fdf15c52f058c0c08763a5c373997d0535 (patch) | |
tree | d623e6f62493ee08b7c8c95080eb25b9484996d4 /src/http/ngx_http_request.c | |
parent | 1d696cd37947ef816bde4d54d7b6f97374f1151d (diff) |
SSL: disabled sending shutdown after ngx_http_test_reading().
Sending shutdown when ngx_http_test_reading() detects the connection is
closed can result in "SSL_shutdown() failed (SSL: ... bad write retry)"
critical log messages if there are blocked writes.
Fix is to avoid sending shutdown via the c->ssl->no_send_shutdown flag,
similarly to how it is done in ngx_http_keepalive_handler() for kqueue
when pending EOF is detected.
Reported by Jan PrachaĆ
(http://mailman.nginx.org/pipermail/nginx-devel/2018-December/011702.html).
Diffstat (limited to 'src/http/ngx_http_request.c')
-rw-r--r-- | src/http/ngx_http_request.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 257c4064b..f80785d8f 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -2992,6 +2992,12 @@ closed: rev->error = 1; } +#if (NGX_HTTP_SSL) + if (c->ssl) { + c->ssl->no_send_shutdown = 1; + } +#endif + ngx_log_error(NGX_LOG_INFO, c->log, err, "client prematurely closed connection"); |