Revert "feature: updated the NGINX patches for async SSL session fetching to support OpenSSL 1.1.1."
This reverts commit 9e834398de
.
Support for OpenSSL 1.1.1 will come with the 1.17.1 series of NGINX
patches. Since no other 1.15.8.* releases are planned, we are reverting
the state of the 1.15.8 patches to that of the 1.15.8.1 release.
This commit is contained in:
parent
b04577cd47
commit
08e9e50782
|
@ -1,6 +1,6 @@
|
|||
--- nginx-1.15.8/src/event/ngx_event_openssl.c 2016-07-17 19:20:30.411137606 -0700
|
||||
+++ nginx-1.15.8-patched/src/event/ngx_event_openssl.c 2016-07-19 16:53:35.539768477 -0700
|
||||
@@ -1581,7 +1581,15 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
|
||||
@@ -1307,7 +1307,12 @@ ngx_ssl_handshake(ngx_connection_t *c)
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
||||
|
@ -8,27 +8,9 @@
|
|||
+ if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
|
||||
+# ifdef SSL_ERROR_PENDING_SESSION
|
||||
+ || sslerr == SSL_ERROR_PENDING_SESSION
|
||||
+
|
||||
+# elif defined(SSL_ERROR_WANT_CLIENT_HELLO_CB)
|
||||
+ || sslerr == SSL_ERROR_WANT_CLIENT_HELLO_CB
|
||||
+# endif
|
||||
+ )
|
||||
+ {
|
||||
c->read->handler = ngx_ssl_handshake_handler;
|
||||
c->write->handler = ngx_ssl_handshake_handler;
|
||||
|
||||
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
|
||||
--- a/src/event/ngx_event_openssl.h
|
||||
+++ b/src/event/ngx_event_openssl.h
|
||||
@@ -64,6 +64,11 @@
|
||||
#endif
|
||||
|
||||
|
||||
+#ifdef SSL_ERROR_WANT_CLIENT_HELLO_CB
|
||||
+#define HAVE_SSL_CLIENT_HELLO_CB_SUPPORT 1
|
||||
+#endif
|
||||
+
|
||||
+
|
||||
struct ngx_ssl_s {
|
||||
SSL_CTX *ctx;
|
||||
ngx_log_t *log;
|
|
@ -414,16 +414,9 @@ echo "$info_txt applying the ssl_cert_cb_yield.patch patch to nginx"
|
|||
patch -p1 < $root/patches/nginx-$main_ver-ssl_cert_cb_yield.patch
|
||||
echo
|
||||
|
||||
answer=`$root/util/ver-ge "$main_ver" 1.15.8`
|
||||
if [ "$answer" = "N" ]; then
|
||||
echo "$info_txt applying the ssl_pending_session.patch patch to nginx"
|
||||
patch -p1 < $root/patches/nginx-$main_ver-ssl_pending_session.patch
|
||||
echo
|
||||
else
|
||||
echo "$info_txt applying the ssl_sess_cb_yield.patch patch to nginx"
|
||||
patch -p1 < $root/patches/nginx-$main_ver-ssl_sess_cb_yield.patch
|
||||
echo
|
||||
fi
|
||||
echo "$info_txt applying the ssl_pending_session.patch patch to nginx"
|
||||
patch -p1 < $root/patches/nginx-$main_ver-ssl_pending_session.patch
|
||||
echo
|
||||
|
||||
echo "$info_txt applying the upstream_timeout_fields patch for nginx"
|
||||
patch -p1 < $root/patches/nginx-$main_ver-upstream_timeout_fields.patch || exit 1
|
||||
|
|
Loading…
Reference in New Issue