feature: added patches to the nginx core to make sure ngx_stream_ssl_preread_module will not skip the rest of the preread phase when SNI server name parsing was successful.

Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2024-10-13 00:29:41 +00:00 · 2018-01-11 02:50:19 -08:00
parent 30fa60ad5d
commit 93f785eed6
3 changed files with 33 additions and 0 deletions
--- a/util/mirror-tarballs
+++ b/util/mirror-tarballs
@ -56,6 +56,13 @@ if [ "$answer" = "Y" ]; then
    echo
 fi

+answer=`$root/util/ver-ge "$main_ver" 1.13.6`
+if [ "$answer" = "Y" ]; then
+    echo "$info_txt applying the stream_ssl_preread_no_skip patch for nginx"
+    patch -p1 < $root/patches/nginx-$main_ver-stream_ssl_preread_no_skip.patch || exit 1
+    echo
+fi
+
 answer=`$root/util/ver-ge "$main_ver" 1.5.12`
 if [ "$answer" = "N" ]; then
    echo "$info_txt applying the patch for nginx security advisory (CVE-2014-0133)"