An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
Go to file
Sergey Kandaurov 5155845ce4 SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection.  Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx.  Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown().  The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.

Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0

See for additional details: https://github.com/openssl/openssl/issues/11381
2021-08-10 23:43:17 +03:00
auto Configure: fixed --test-build-epoll on FreeBSD 13. 2021-04-05 20:14:16 +03:00
conf MIME: added application/wasm type (ticket #1606). 2021-05-08 20:31:03 +03:00
contrib Contrib: vim syntax, update core and 3rd party module directives. 2021-05-30 12:26:00 +03:00
docs nginx-1.21.1-RELEASE 2021-07-06 17:59:16 +03:00
misc Updated OpenSSL used for win32 builds. 2021-03-30 17:44:36 +03:00
src SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option. 2021-08-10 23:43:17 +03:00
.hgtags release-1.21.1 tag 2021-07-06 17:59:17 +03:00