diff options
| author | Remi Collet <remi@remirepo.net> | 2021-11-18 17:58:56 +0100 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2021-11-18 17:58:56 +0100 |
| commit | cb327d4a0098b9e8d446451c60ad82ac43676b44 (patch) | |
| tree | 9442b35121bbbcb225bc6e2a5accaf58b021ccff /unit-openssl3.patch | |
| parent | a9f96552032a89c02e77e4a463b3fed1a73ae4b7 (diff) | |
add better workaround for OpenSSL 3.0 from
https://github.com/nginx/unit/pull/598
Diffstat (limited to 'unit-openssl3.patch')
| -rw-r--r-- | unit-openssl3.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/unit-openssl3.patch b/unit-openssl3.patch new file mode 100644 index 0000000..38f2587 --- /dev/null +++ b/unit-openssl3.patch @@ -0,0 +1,59 @@ +From 988aa2115ec67111e8a124d4d6c0abccb63db05f Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 18 Nov 2021 17:47:39 +0100 +Subject: [PATCH 1/2] use ERR_get_error_all with openssl 3 + +--- + src/nxt_openssl.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c +index 1e08015e..22242538 100644 +--- a/src/nxt_openssl.c ++++ b/src/nxt_openssl.c +@@ -14,7 +14,6 @@ + #include <openssl/bio.h> + #include <openssl/evp.h> + +- + typedef struct { + SSL *session; + nxt_conn_t *conn; +@@ -1781,7 +1780,11 @@ nxt_openssl_copy_error(u_char *p, u_char *end) + clear = 0; + + for ( ;; ) { ++#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++ err = ERR_get_error_all(NULL, NULL, NULL, &data, &flags); ++#else + err = ERR_get_error_line_data(NULL, NULL, &data, &flags); ++#endif + if (err == 0) { + break; + } + +From 22ad9572ccb3b5f0d49219290e1f92911836cb8d Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 18 Nov 2021 17:48:19 +0100 +Subject: [PATCH 2/2] temporarily ignore openssl 3 deprecations + +--- + src/nxt_openssl.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c +index 22242538..606cdadf 100644 +--- a/src/nxt_openssl.c ++++ b/src/nxt_openssl.c +@@ -14,6 +14,11 @@ + #include <openssl/bio.h> + #include <openssl/evp.h> + ++#if OPENSSL_VERSION_NUMBER >= 0x30000000L ++/* TODO removed when SSL_CTX_set_tlsext_ticket_key_cb updated to SSL_CTX_set_tlsext_ticket_key_evp_cb */ ++# pragma GCC diagnostic ignored "-Wdeprecated-declarations" ++#endif ++ + typedef struct { + SSL *session; + nxt_conn_t *conn; |