diff options
| author | Andrey Suvorov <a.suvorov@f5.com> | 2021-05-26 11:11:58 -0700 |
|---|---|---|
| committer | Andrey Suvorov <a.suvorov@f5.com> | 2021-05-26 11:11:58 -0700 |
| commit | 3efffddd95e564fe10f59e1de45afc2b551a5cba (patch) | |
| tree | e1efa2f511c68878405a3c45c3458ddb300f71d5 /src/nxt_tls.h | |
| parent | d67a0c871157454d591fa1d2a8b2d831b32e4040 (diff) | |
| download | unit-3efffddd95e564fe10f59e1de45afc2b551a5cba.tar.gz unit-3efffddd95e564fe10f59e1de45afc2b551a5cba.tar.bz2 | |
Fixing crash during TLS connection shutdown.
A crash was caused by an incorrect timer handler nxt_h1p_idle_timeout() if
SSL_shutdown() returned SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.
The flag SSL_RECEIVED_SHUTDOWN is used to avoid getting SSL_ERROR_WANT_READ, so
the server won't wait for a close notification from a client.
For SSL_ERROR_WANT_WRITE, a correct timer handler is set up.
Diffstat (limited to 'src/nxt_tls.h')
| -rw-r--r-- | src/nxt_tls.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/nxt_tls.h b/src/nxt_tls.h index c44bfe56..2a29f3ca 100644 --- a/src/nxt_tls.h +++ b/src/nxt_tls.h @@ -69,6 +69,8 @@ struct nxt_tls_conf_s { char *ca_certificate; size_t buffer_size; + + uint8_t no_wait_shutdown; /* 1 bit */ }; |