Welcome! Log In Create A New Profile

Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases

Forum List Message List New Topic Print View

Piotr Sikora

October 27, 2014 07:52PM

Hey Sergey,

> diff -r 973fded4f461 -r 8c59ef63e7c0 src/event/ngx_event_openssl.h
> --- a/src/event/ngx_event_openssl.h Wed Oct 15 22:57:23 2014 +0400
> +++ b/src/event/ngx_event_openssl.h Mon Oct 27 13:19:01 2014 +0300
> @@ -22,6 +22,7 @@
> #include <openssl/engine.h>
> #endif
> #include <openssl/evp.h>
> +#include <openssl/pkcs12.h>
> #ifndef OPENSSL_NO_OCSP
> #include <openssl/ocsp.h>
> #endif

This should be added after ocsp.h, ideally guarded for OpenSSL only, i.e.:

+#ifndef OPENSSL_IS_BORINGSSL
+#include <openssl/pkcs12.h>
+#endif

I've looked into BoringSSL and it supports PKCS#8 private keys with
encrypted with PKCS#12 compatible algorithms even now, without any
changes in nginx, because it reports bad passwords using the same
error code as for traditional private keys (i.e.
CIPHER_R_BAD_DECRYPT).

Best regards,
Piotr Sikora

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	812	October 24, 2014 07:30AM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Sergey Kandaurov	349	October 27, 2014 09:56AM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Maxim Dounin	306	October 27, 2014 12:30PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	289	October 27, 2014 05:40PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Sergey Kandaurov	368	October 29, 2014 02:12PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Sergey Kandaurov	390	October 29, 2014 03:12PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	321	October 29, 2014 03:28PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	284	October 30, 2014 05:42AM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Sergey Kandaurov	378	October 30, 2014 10:42AM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	301	October 29, 2014 03:20PM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	324	October 30, 2014 12:16AM
Re: [PATCH] SSL: make ssl_password_file work with recent OpenSSL releases	Piotr Sikora	314	October 27, 2014 07:52PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 80

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018