Context Navigation

← Previous Ticket
Next Ticket →

#2056 closed defect (fixed)

TLS ALert "close_notify" missing

Reported by:	rudirodi@…	Owned by:
Priority:	minor	Milestone:
Component:	documentation	Version:	1.17.x
Keywords:	close_notify, alert, post	Cc:
uname -a:	Linux ubuntu-2gb-nbg1-1 4.15.0-70-generic #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
nginx -V:	1.15.8 and 1.17.8

Description (last modified by rudirodi@…)

nginx Version: 1.15.8 and 1.17.8

WHEN:

Request Method: POST
any POST body is sent
NGINX returns 403

THEN:
NGINX is not sending a close_notify Alert to close the connection.

Why it looks like a bug:

When no POST Body is included in the request the close_notify is sent.

Change History (3)

comment:1 by rudirodi@…, 4 years ago

Description:	modified (diff)

comment:2 by Ruslan Ermilov <ru@…>, 3 years ago

In 7738:554c6ae25ffc/nginx:

SSL: fixed non-working SSL shutdown on lingering close.

When doing lingering close, the socket was first shut down for writing,
so SSL shutdown initiated after lingering close was not able to send
the close_notify alerts (ticket #2056).

The fix is to call ngx_ssl_shutdown() before shutting down the socket.

comment:3 by Ruslan Ermilov, 3 years ago

Resolution:	→ fixed
Status:	new → closed

Note: See TracTickets for help on using tickets.

Download in other formats: