Welcome! Log In Create A New Profile

Advanced

[PATCH] SSL: fix build with recent OpenSSL

Piotr Sikora
July 09, 2014 03:30PM
# HG changeset patch
# User Piotr Sikora <piotr@cloudflare.com>
# Date 1404934035 25200
# Wed Jul 09 12:27:15 2014 -0700
# Node ID 1087b3beb12068ca3641240d10c0e18a2dae6013
# Parent d80543940f9a33b262d05864a30ab8b22e906455
SSL: fix build with recent OpenSSL.

X509_check_host() prototype changed recently:
- http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ced3d91
- http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=297c67f

Bump version requirement, so that OpenSSL-1.0.2-beta1 uses fallback code.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>

diff -r d80543940f9a -r 1087b3beb120 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Wed Jul 09 23:23:59 2014 +0900
+++ b/src/event/ngx_event_openssl.c Wed Jul 09 12:27:15 2014 -0700
@@ -50,7 +50,7 @@ static int ngx_ssl_session_ticket_key_ca
HMAC_CTX *hctx, int enc);
#endif

-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if OPENSSL_VERSION_NUMBER < 0x10002002L
static ngx_int_t ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *str);
#endif

@@ -2733,7 +2733,7 @@ ngx_ssl_check_host(ngx_connection_t *c,
return NGX_ERROR;
}

-#if OPENSSL_VERSION_NUMBER >= 0x10002001L
+#if OPENSSL_VERSION_NUMBER >= 0x10002002L

/* X509_check_host() is only available in OpenSSL 1.0.2+ */

@@ -2741,7 +2741,9 @@ ngx_ssl_check_host(ngx_connection_t *c,
goto failed;
}

- if (X509_check_host(cert, name->data, name->len, 0) != 1) {
+ if (X509_check_host(cert, (const char *) name->data, name->len, 0, NULL)
+ != 1)
+ {
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
"X509_check_host(): no match");
goto failed;
@@ -2850,7 +2852,7 @@ found:
}


-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if OPENSSL_VERSION_NUMBER < 0x10002002L

static ngx_int_t
ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *pattern)

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[PATCH] SSL: fix build with recent OpenSSL

Piotr Sikora 529 July 09, 2014 03:30PM

Re: [PATCH] SSL: fix build with recent OpenSSL

Maxim Dounin 439 July 11, 2014 12:00PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 306
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready