feature: updated the NGINX patches for async SSL session fetching to support OpenSSL 1.1.1.

The patch was also renamed from `ssl_pending_session.patch` to `ssl_sess_cb_yield.patch` (similarly to the existing `ssl_cert_cb_yield.patch` one). Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
2024-10-13 00:29:41 +00:00 · 2019-04-10 11:33:55 +08:00
parent 547fdd5fb2
commit 9e834398de
2 changed files with 29 additions and 4 deletions
--- a/patches/nginx-1.15.8-ssl_pending_session.patch
+++ b/patches/nginx-1.15.8-ssl_pending_session.patch
@ -1,16 +0,0 @@
--- nginx-1.15.8/src/event/ngx_event_openssl.c	2016-07-17 19:20:30.411137606 -0700
-+++ nginx-1.15.8-patched/src/event/ngx_event_openssl.c	2016-07-19 16:53:35.539768477 -0700
-@@ -1307,7 +1307,12 @@ ngx_ssl_handshake(ngx_connection_t *c)
-     }
- 
- #if OPENSSL_VERSION_NUMBER >= 0x10002000L
-    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
-+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
-+#   ifdef SSL_ERROR_PENDING_SESSION
-+        || sslerr == SSL_ERROR_PENDING_SESSION
-+#   endif
-+       )
-+    {
-         c->read->handler = ngx_ssl_handshake_handler;
-         c->write->handler = ngx_ssl_handshake_handler;
-