Opened 5 years ago

#1716 new defect

http2 ssl verify certificate failed should close tcp connection

Reported by: xujunHW@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.15.x
Keywords: http2 ssl verify certificate Cc:
uname -a: Linux ubuntu 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016 x86_64
nginx -V: nginx version: nginx/1.15.8
built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.11)
built with OpenSSL 1.0.2g 1 Mar 2016
TLS SNI support enabled
configure arguments: --with-http_v2_module --with-http_ssl_module --with-debug


when http2 ssl verify certificate failed, nginx send err response with 400 instead of closeing connection in the ngx_http_process_request function. client can send request continuously when all requests in this connection will recv a err response.
on the contrary, http1.1 with keepalive will close connection when verify certificate failed.

Change History (0)

Note: See TracTickets for help on using tickets.