Reinis Rozitis
March 19, 2020 05:54PM
> After using 1.1.1e, see also the commit where an explicit entry has been
> added.
> nginx just reports back what openssl passes, if this was unexpected (none
> critical) nginx needs to be patched, if not this openssl workaround (10880)
> needs to be changed.

Any comment on this from any nginx devs?
Been running 1.1.1c for some time and out of curiosity upgraded to 1.1.1e and indeed there are a lot of "(SSL: error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading)".

Is it "safe" to temporary revert the patch to reduce the noise (as per the github thread - the EOF (other than the "data loss") most likely has been there previously just not being returned as error) or are there more deeper problems with openssl/tls 1.3 etc?


Also since there are no plans to implement quic even in openssl 3.0 does it maybe make sense to compile nginx with BoringSSL?

rr



_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 18, 2020 07:17AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

J.R. March 18, 2020 09:32AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 18, 2020 09:52AM

RE: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Reinis Rozitis March 19, 2020 05:54PM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Sergey Kandaurov March 20, 2020 03:42AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Maxim Dounin March 20, 2020 09:00AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 20, 2020 09:54AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Maxim Dounin March 20, 2020 06:14PM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 21, 2020 04:49PM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 22, 2020 02:39PM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Sergey Kandaurov March 23, 2020 07:06AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 March 23, 2020 07:41AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Maxim Dounin March 23, 2020 08:36AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

Thomas Stephen Lee April 02, 2020 01:46AM

Re: openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 April 02, 2020 03:24AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 102
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready