Hi Maxim, Here is the version details from my full recompile of NGINX 64-bit on Windows. My code base is 2 months old, but it reproduced Saint's issue.
nginx version: nginx/1.23.3 > built by cl 19.34.31937 for x64 > *built with OpenSSL 3.1.0-beta1-dev* > TLS SNI support enabled > configure arguments: --with-cc=cl --builddir=objs --with-debug --prefix=. > --conf-path=conf/nginx.conf --pid-path=logs/nginx.pid > --http-log-path=logs/access.log --error-log-path=logs/error.log > --sbin-path=nginx.exe --http-client-body-temp-path=temp/client_body_temp > --http-proxy-temp-path=temp/proxy_temp > --http-fastcgi-temp-path=temp/fastcgi_temp > --http-scgi-temp-path=temp/scgi_temp --http-uwsgi-temp-path=temp/uwsgi_temp > --with-cc-opt=-DFD_SETSIZE=1024 --with-pcre=objs/lib/pcre2 > --with-zlib=objs/lib/zlib --with-select_module --with-http_v2_module > --with-http_realip_module --with-http_addition_module > --with-http_sub_module --with-http_dav_module > --with-http_stub_status_module --with-http_flv_module > --with-http_mp4_module --with-http_gunzip_module > --with-http_gzip_static_module --with-http_auth_request_module > --with-http_random_index_module --with-http_secure_link_module > --with-http_slice_module --with-mail --with-stream --with-http_ssl_module > --with-mail_ssl_module --with-stream_ssl_module > --with-openssl=objs/lib/openssl > --add-module=objs/lib/spnego-http-auth-nginx-module --with-cc-opt='-I > objs/lib/krb5/objs/include' > I'm using a OpenSSL beta build from earlier, but I was able to reproduce Saint's issue and discovered the work-around with lowering the ssl_buffer_size to 4k, Something for Saint to try out. On Thu, Feb 23, 2023 at 10:26 PM Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Thu, Feb 23, 2023 at 09:42:29PM -0500, Dan Swaney wrote: > > > Ah-ah...I caught the NGINX failure in the SSL response: > > [...] > > > > 2023/02/23 21:24:49 [debug] 4768#4528: *1 malloc: > 000002DC83A8F350:16384 > > > 2023/02/23 21:24:49 [debug] 4768#4528: *1 SSL buf copy: 626 > > > 2023/02/23 21:24:49 [debug] 4768#4528: *1 SSL buf copy: 15758 > > > *2023/02/23 21:24:49 [debug] 4768#4528: *1 SSL to write: 16384* > > > 2023/02/23 21:24:49 [debug] 4768#4528: ssl remove session: B87DD7B9:32 > > > 2023/02/23 21:24:49 [debug] 4768#4528: shmtx lock > > > 2023/02/23 21:24:49 [debug] 4768#4528: shmtx unlock > > > 2023/02/23 21:24:49 [debug] 4768#4528: *1 SSL_write: -1 > > > 2023/02/23 21:24:49 [debug] 4768#4528: *1 SSL_get_error: 1 > > > > > > *2023/02/23 21:24:49 [crit] 4768#4528: *1 SSL_write() failed (SSL: > > > error:0A0C0103:SSL routines::internal error) while sending response to > > > client, client: 192.168.80.130, server: win10-web-svr.dreamstone.com > > > <http://win10-web-svr.dreamstone.com>, request: "GET > /images/image001.jpg > > > HTTP/1.1", host: "win10-web-svr.dreamstone.com > > > <http://win10-web-svr.dreamstone.com>", referrer: > > > "https://win10-web-svr.dreamstone.com/ > > > <https://win10-web-svr.dreamstone.com/>"* > > The error suggests there is a bug in the SSL library you are > using. What does "nginx -V" show? > > (IIRC, there was something like this in the OpenSSL development > recently, though I believe it doesn't affect any of the released > versions. I may be wrong though.) > > -- > Maxim Dounin > http://mdounin.ru/ > _______________________________________________ > nginx mailing list > nginx@nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
