mirror of
https://github.com/nginx/nginx.git
synced 2024-12-25 00:20:42 -06:00
SSL: set events ready flags after handshake.
The c->read->ready and c->write->ready flags might be reset during the handshake, and not set again if the handshake was finished on the other event. At the same time, some data might be read from the socket during the handshake, so missing c->read->ready flag might result in a connection hang, for example, when waiting for an SMTP greeting (which was already received during the handshake). Found by Sergey Kandaurov.
This commit is contained in:
parent
f8394db6fe
commit
15769c3918
@ -1740,6 +1740,9 @@ ngx_ssl_handshake(ngx_connection_t *c)
|
|||||||
c->recv_chain = ngx_ssl_recv_chain;
|
c->recv_chain = ngx_ssl_recv_chain;
|
||||||
c->send_chain = ngx_ssl_send_chain;
|
c->send_chain = ngx_ssl_send_chain;
|
||||||
|
|
||||||
|
c->read->ready = 1;
|
||||||
|
c->write->ready = 1;
|
||||||
|
|
||||||
#ifndef SSL_OP_NO_RENEGOTIATION
|
#ifndef SSL_OP_NO_RENEGOTIATION
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
#ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
|
#ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
|
||||||
@ -1885,6 +1888,9 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
|
|||||||
c->recv_chain = ngx_ssl_recv_chain;
|
c->recv_chain = ngx_ssl_recv_chain;
|
||||||
c->send_chain = ngx_ssl_send_chain;
|
c->send_chain = ngx_ssl_send_chain;
|
||||||
|
|
||||||
|
c->read->ready = 1;
|
||||||
|
c->write->ready = 1;
|
||||||
|
|
||||||
rc = ngx_ssl_ocsp_validate(c);
|
rc = ngx_ssl_ocsp_validate(c);
|
||||||
|
|
||||||
if (rc == NGX_ERROR) {
|
if (rc == NGX_ERROR) {
|
||||||
|
Loading…
Reference in New Issue
Block a user