Hello! On Mon, Oct 21, 2013 at 05:50:31PM +0000, Agent Coulson wrote:
> Hi! > > thanks for that input, I have done some debugging and examined the SSL > context when this state arrises. Two SSL* structs (from different > connections) point to the same packet data. Disabling the read_ahead flag > mitigates this. > > I've attached a patch, after applying I was unable to repro using > openssl-1.0.1e. > > I'll submit a report to the upstream openssl project. Disabling the read_ahead as a workaround looks wrong for me. While it probably reduces a chance for a problem to appear, it's likely still there. Have you tried looking into the OpenSSL code to find out what causes the actual problem? I think it's likely SSL_MODE_RELEASE_BUFFERS related (and I indeed can't reproduce the error without SSL_MODE_RELEASE_BUFFERS set), but I don't see any obvious problems in the code. -- Maxim Dounin http://nginx.org/en/donation.html _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
