diff options
Diffstat (limited to 'main/nginx/lua-nginx-module~fix-libressl.patch')
| -rw-r--r-- | main/nginx/lua-nginx-module~fix-libressl.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/main/nginx/lua-nginx-module~fix-libressl.patch b/main/nginx/lua-nginx-module~fix-libressl.patch new file mode 100644 index 0000000000..21a73c1050 --- /dev/null +++ b/main/nginx/lua-nginx-module~fix-libressl.patch @@ -0,0 +1,26 @@ +From 7206c8f6fe10136e458d4b3c7ae2b696bd4c8983 Mon Sep 17 00:00:00 2001 +From: Alessandro Ghedini <alessandro@cloudflare.com> +Date: Thu, 12 May 2016 13:17:52 +0100 +Subject: [PATCH 3/6] bugfix: ssl: do not set tlsext_status_expected flag + +In OpenSSL 1.1.0 the SSL struct was made opaque, and setting this +flag manually is not required anyway since OpenSSL already does that +automatically when ngx_http_lua_ssl_empty_status_callback() returns +"OK" (which is always), and an OCSP response has been set. + +Upstream-Issue: https://github.com/openresty/lua-nginx-module/pull/761 +--- + src/ngx_http_lua_ssl_ocsp.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/ngx_http_lua_ssl_ocsp.c b/src/ngx_http_lua_ssl_ocsp.c +index 3904aa8..31b4f24 100644 +--- a/src/ngx_http_lua_ssl_ocsp.c ++++ b/src/ngx_http_lua_ssl_ocsp.c +@@ -490,7 +490,6 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_request_t *r, + + dd("set ocsp resp: resp_len=%d", (int) resp_len); + (void) SSL_set_tlsext_status_ocsp_resp(ssl_conn, p, resp_len); +- ssl_conn->tlsext_status_expected = 1; + + return NGX_OK; |