Nginx 1.6.3 compile bug with openssl 1.0.2 (with ALPN enabled) ?
November 04, 2015 04:02AM
I cannot compile the nginx branch 1.6.3 against openssl 1.0.2d. There is compile error:

src/http/modules/ngx_http_ssl_module.c: In function 'ngx_http_ssl_alpn_select':
src/http/modules/ngx_http_ssl_module.c:351:5: error: 'c' undeclared (first use in this function)
src/http/modules/ngx_http_ssl_module.c:351:5: note: each undeclared identifier is reported only once for each function it appears in
make[1]: *** [objs/src/http/modules/ngx_http_ssl_module.o] Error 1
make: *** [build] Error 2

When you look at the code there,

#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation

static int
ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out,
unsigned char *outlen, const unsigned char *in, unsigned int inlen,
void *arg)
{
unsigned int srvlen;
unsigned char *srv;
#if (NGX_DEBUG)
unsigned int i;
#endif
#if (NGX_HTTP_SPDY)
ngx_http_connection_t *hc;
#endif
#if (NGX_HTTP_SPDY || NGX_DEBUG)
ngx_connection_t *c;

c = ngx_ssl_get_connection(ssl_conn);
#endif

#if (NGX_DEBUG)
for (i = 0; i < inlen; i += in[i] + 1) {
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"SSL ALPN supported by client: %*s", in[i], &in[i + 1]);
}
#endif

#if (NGX_HTTP_SPDY)
hc = c->data;

if (hc->addr_conf->spdy) {
srv = (unsigned char *) NGX_SPDY_NPN_ADVERTISE NGX_HTTP_NPN_ADVERTISE;
srvlen = sizeof(NGX_SPDY_NPN_ADVERTISE NGX_HTTP_NPN_ADVERTISE) - 1;

} else
#endif
{
srv = (unsigned char *) NGX_HTTP_NPN_ADVERTISE;
srvlen = sizeof(NGX_HTTP_NPN_ADVERTISE) - 1;
}

if (SSL_select_next_proto((unsigned char **) out, outlen, srv, srvlen,
in, inlen)
!= OPENSSL_NPN_NEGOTIATED)
{
return SSL_TLSEXT_ERR_NOACK;
}

ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"SSL ALPN selected: %*s", *outlen, *out);

return SSL_TLSEXT_ERR_OK;
}

#endif

What will happen if you have TLSEXT_TYPE_application_layer_protocol_negotiation (openssl ALPN enabled) and do not have NGX_DEBUG and NGX_HTTP_SPDY - which is the most probable situation and you get error of undefined variable in
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"SSL ALPN selected: %*s", *outlen, *out);

because there is no "c" pointer?

Am I right?
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 112
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready