Fijxu/nginx-quic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
6888 commits 18 branches 0 tags 149 MiB
C 97.3%
Vim Script 2.1%
XS 0.4%
Perl 0.1%
Find a file
Sergey Kandaurov aa59acf058 SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option. 
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send
close_notify before closing the connection.  Previously, it was to return
SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is
handled gracefully in nginx.  Now it returns SSL_ERROR_SSL with a distinct
reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading").
This leads to critical errors seen in nginx within various routines such as
SSL_do_handshake(), SSL_read(), SSL_shutdown().  The behaviour was restored
in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.

Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows
to set a compatible behaviour to return SSL_ERROR_ZERO_RETURN:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0

See for additional details: https://github.com/openssl/openssl/issues/11381
2021-08-10 23:43:17 +03:00
auto Configure: fixed --test-build-epoll on FreeBSD 13. 2021-04-05 20:14:16 +03:00
conf MIME: added font/woff2 type (ticket #1243). 2018-06-15 17:29:55 +03:00
contrib Contrib: vim syntax, default highlighting (ticket #2141). 2021-02-25 23:42:25 +03:00
docs nginx-1.20.1-RELEASE 2021-05-25 15:35:38 +03:00
misc Updated OpenSSL used for win32 builds. 2021-03-30 17:44:36 +03:00
src SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option. 2021-08-10 23:43:17 +03:00