nginx

mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00

Go to file

Sergey Kandaurov 5155845ce4 SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.

A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection.  Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx.  Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown().  The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.

Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0

See for additional details: https://github.com/openssl/openssl/issues/11381

2021-08-10 23:43:17 +03:00

auto

Configure: fixed --test-build-epoll on FreeBSD 13.

2021-04-05 20:14:16 +03:00

conf

MIME: added application/wasm type (ticket #1606 ).

2021-05-08 20:31:03 +03:00

contrib

Contrib: vim syntax, update core and 3rd party module directives.

2021-05-30 12:26:00 +03:00

docs

nginx-1.21.1-RELEASE

2021-07-06 17:59:16 +03:00

misc

Updated OpenSSL used for win32 builds.

2021-03-30 17:44:36 +03:00

src

SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.

2021-08-10 23:43:17 +03:00

.hgtags

release-1.21.1 tag

2021-07-06 17:59:17 +03:00

Description

An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html

78 MiB