mirror of
https://github.com/openresty/openresty.git
synced 2024-10-13 00:29:41 +00:00
9e834398de
The patch was also renamed from `ssl_pending_session.patch` to `ssl_sess_cb_yield.patch` (similarly to the existing `ssl_cert_cb_yield.patch` one). Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
35 lines
1.1 KiB
C
35 lines
1.1 KiB
C
--- nginx-1.15.8/src/event/ngx_event_openssl.c 2016-07-17 19:20:30.411137606 -0700
|
|
+++ nginx-1.15.8-patched/src/event/ngx_event_openssl.c 2016-07-19 16:53:35.539768477 -0700
|
|
@@ -1581,7 +1581,15 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
|
|
}
|
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
- if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
|
|
+ if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
|
|
+# ifdef SSL_ERROR_PENDING_SESSION
|
|
+ || sslerr == SSL_ERROR_PENDING_SESSION
|
|
+
|
|
+# elif defined(SSL_ERROR_WANT_CLIENT_HELLO_CB)
|
|
+ || sslerr == SSL_ERROR_WANT_CLIENT_HELLO_CB
|
|
+# endif
|
|
+ )
|
|
+ {
|
|
c->read->handler = ngx_ssl_handshake_handler;
|
|
c->write->handler = ngx_ssl_handshake_handler;
|
|
|
|
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
|
|
--- a/src/event/ngx_event_openssl.h
|
|
+++ b/src/event/ngx_event_openssl.h
|
|
@@ -64,6 +64,11 @@
|
|
#endif
|
|
|
|
|
|
+#ifdef SSL_ERROR_WANT_CLIENT_HELLO_CB
|
|
+#define HAVE_SSL_CLIENT_HELLO_CB_SUPPORT 1
|
|
+#endif
|
|
+
|
|
+
|
|
struct ngx_ssl_s {
|
|
SSL_CTX *ctx;
|
|
ngx_log_t *log;
|