Klaus Demo nginx / 7b232ef
SSL: avoid calling SSL_shutdown() during handshake (ticket #901). This fixes "called a function you should not call" and "shutdown while in init" errors as observed with OpenSSL 1.0.2f due to changes in how OpenSSL handles SSL_shutdown() during SSL handshakes. Maxim Dounin 6 years ago
1 changed file(s) with 13 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
17651765 {
17661766 int n, sslerr, mode;
17671767 ngx_err_t err;
1768
1769 if (SSL_in_init(c->ssl->connection)) {
1770 /*
1771 * OpenSSL 1.0.2f complains if SSL_shutdown() is called during
1772 * an SSL handshake, while previous versions always return 0.
1773 * Avoid calling SSL_shutdown() if handshake wasn't completed.
1774 */
1775
1776 SSL_free(c->ssl->connection);
1777 c->ssl = NULL;
1778
1779 return NGX_OK;
1780 }
17681781
17691782 if (c->timedout) {
17701783 mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;