From 7206c8f6fe10136e458d4b3c7ae2b696bd4c8983 Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini Date: Thu, 12 May 2016 13:17:52 +0100 Subject: [PATCH 3/6] bugfix: ssl: do not set tlsext_status_expected flag In OpenSSL 1.1.0 the SSL struct was made opaque, and setting this flag manually is not required anyway since OpenSSL already does that automatically when ngx_http_lua_ssl_empty_status_callback() returns "OK" (which is always), and an OCSP response has been set. Upstream-Issue: https://github.com/openresty/lua-nginx-module/pull/761 --- src/ngx_http_lua_ssl_ocsp.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/ngx_http_lua_ssl_ocsp.c b/src/ngx_http_lua_ssl_ocsp.c index 3904aa8..31b4f24 100644 --- a/src/ngx_http_lua_ssl_ocsp.c +++ b/src/ngx_http_lua_ssl_ocsp.c @@ -490,7 +490,6 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_request_t *r, dd("set ocsp resp: resp_len=%d", (int) resp_len); (void) SSL_set_tlsext_status_ocsp_resp(ssl_conn, p, resp_len); - ssl_conn->tlsext_status_expected = 1; return NGX_OK;