]> git.kaiwu.me - nginx.git/commit
SSL: avoid calling SSL_write() with zero data size.
authorValentin Bartenev <vbart@nginx.com>
Mon, 28 Jan 2013 15:40:25 +0000 (15:40 +0000)
committerValentin Bartenev <vbart@nginx.com>
Mon, 28 Jan 2013 15:40:25 +0000 (15:40 +0000)
commit0f0fac70a14fc489eab91888772073ed1259b633
treee44d6d8383f3f6d58afb97af1d23748312ffbf54
parentf98b1d256114e7f9bdfd17ea362cdcb137cdc62c
SSL: avoid calling SSL_write() with zero data size.

According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.

We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.

In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
src/event/ngx_event_openssl.c