From 3efffddd95e564fe10f59e1de45afc2b551a5cba Mon Sep 17 00:00:00 2001
From: Andrey Suvorov <a.suvorov@f5.com>
Date: Wed, 26 May 2021 11:11:58 -0700
Subject: Fixing crash during TLS connection shutdown.

A crash was caused by an incorrect timer handler nxt_h1p_idle_timeout() if
SSL_shutdown() returned SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.

The flag SSL_RECEIVED_SHUTDOWN is used to avoid getting SSL_ERROR_WANT_READ, so
the server won't wait for a close notification from a client.

For SSL_ERROR_WANT_WRITE, a correct timer handler is set up.
---
 docs/changes.xml | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs')

diff --git a/docs/changes.xml b/docs/changes.xml
index 5717f1bd..cbe6269a 100644
--- a/docs/changes.xml
+++ b/docs/changes.xml
@@ -68,6 +68,12 @@ compatibility with Ruby 3.0.
 </para>
 </change>
 
+<change type="bugfix">
+<para>
+the router process could crash while closing TLS connection.
+</para>
+</change>
+
 <change type="bugfix">
 <para>
 a segmentation fault might have occurred in the PHP module if
-- 
cgit