QUIC: disabling bidirectional SSL shutdown earlier.

Notably, this fixes an issue with Chrome that can emit a "certificate_unknown" alert during the SSL handshake where c->ssl->no_wait_shutdown is not yet set.
author: Sergey Kandaurov <pluknet@nginx.com> 2020-12-06 14:24:38 +0000
committer: Sergey Kandaurov <pluknet@nginx.com> 2020-12-06 14:24:38 +0000
commit: 1d748f1ca351d255a7d256c7a99819e96f5c6a7c (patch)
tree: d78c9d43b6d462455c715ed9f3fc8cc549f6b948 /src
parent: 90ec7ef6dbc5e64a3eeafc5f6b79a06e830cedea (diff)
download: nginx-1d748f1ca351d255a7d256c7a99819e96f5c6a7c.tar.gz
nginx-1d748f1ca351d255a7d256c7a99819e96f5c6a7c.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c
index e1ab107b1..19ee17aaf 100644
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -1563,6 +1563,8 @@ ngx_quic_init_connection(ngx_connection_t *c)
         return NGX_ERROR;
     }
 
+    c->ssl->no_wait_shutdown = 1;
+
     ssl_conn = c->ssl->connection;
 
     if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
@@ -3726,7 +3728,6 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data)
                    "quic handshake completed successfully");
 
     c->ssl->handshaked = 1;
-    c->ssl->no_wait_shutdown = 1;
 
     frame = ngx_quic_alloc_frame(c, 0);
     if (frame == NULL) {
author	Sergey Kandaurov <pluknet@nginx.com>	2020-12-06 14:24:38 +0000
committer	Sergey Kandaurov <pluknet@nginx.com>	2020-12-06 14:24:38 +0000
commit	1d748f1ca351d255a7d256c7a99819e96f5c6a7c (patch)
tree	d78c9d43b6d462455c715ed9f3fc8cc549f6b948 /src
parent	90ec7ef6dbc5e64a3eeafc5f6b79a06e830cedea (diff)
download	nginx-1d748f1ca351d255a7d256c7a99819e96f5c6a7c.tar.gz nginx-1d748f1ca351d255a7d256c7a99819e96f5c6a7c.zip