diff options
author | Murilo Andrade <murilo.b.andrade@gmail.com> | 2022-08-09 17:13:46 -0300 |
---|---|---|
committer | Murilo Andrade <murilo.b.andrade@gmail.com> | 2022-08-09 17:13:46 -0300 |
commit | 4a4572ff4a18b76bdd039c623a5ca0cb56904d34 (patch) | |
tree | 94057ba34c382c19212e40d48cdad55acd1f437e | |
parent | d87d0f82caa26839bfc3f90866517b22ac15cc88 (diff) | |
download | nginx-4a4572ff4a18b76bdd039c623a5ca0cb56904d34.tar.gz |
SSL: logging level of "bad record type" errors.
The SSL_R_BAD_RECORD_TYPE ("bad record type") errors are reported by
OpenSSL 1.1.1 or newer when using TLSv1.3 if the client sends a record
with unknown or unexpected type. These errors are now logged at the
"info" level.
-rw-r--r-- | src/event/ngx_event_openssl.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 7b0417e4f..bbeb5f0c5 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -3423,6 +3423,9 @@ ngx_ssl_connection_error(ngx_connection_t *c, int sslerr, ngx_err_t err, #ifdef SSL_R_VERSION_TOO_LOW || n == SSL_R_VERSION_TOO_LOW /* 396 */ #endif +#ifdef SSL_R_BAD_RECORD_TYPE + || n == SSL_R_BAD_RECORD_TYPE /* 443 */ +#endif || n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */ #ifdef SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE || n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */ |