bugfix: support yielding in 'certificate_by_lua_*' when 'ssl_early_data' is on.
Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
This commit is contained in:
parent
2e480157a3
commit
34918a30c3
|
@ -14,9 +14,9 @@ Here we added support for such usage in NGINX 3rd-party modules
|
||||||
connections.
|
connections.
|
||||||
|
|
||||||
diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
|
diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
|
||||||
--- a/src/event/ngx_event_openssl.c Thu Dec 17 16:39:15 2015 +0300
|
--- a/src/event/ngx_event_openssl.c Thu Dec 17 16:39:15 2015 +0300
|
||||||
+++ b/src/event/ngx_event_openssl.c Sat Jan 02 11:14:44 2016 -0800
|
+++ b/src/event/ngx_event_openssl.c Sat Jan 02 11:14:44 2016 -0800
|
||||||
@@ -1210,6 +1210,23 @@
|
@@ -1445,6 +1445,23 @@ ngx_ssl_handshake(ngx_connection_t *c)
|
||||||
return NGX_AGAIN;
|
return NGX_AGAIN;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -39,4 +39,26 @@ diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
|
||||||
+
|
+
|
||||||
err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
|
err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
|
||||||
|
|
||||||
|
c->ssl->no_wait_shutdown = 1;
|
||||||
|
@@ -1558,6 +1575,21 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
|
||||||
|
return NGX_AGAIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
|
||||||
|
+ c->read->handler = ngx_ssl_handshake_handler;
|
||||||
|
+ c->write->handler = ngx_ssl_handshake_handler;
|
||||||
|
+
|
||||||
|
+ if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
|
||||||
|
+ return NGX_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
|
||||||
|
+ return NGX_ERROR;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return NGX_AGAIN;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
|
||||||
|
|
||||||
c->ssl->no_wait_shutdown = 1;
|
c->ssl->no_wait_shutdown = 1;
|
||||||
|
|
Loading…
Reference in New Issue