[nginx] SSL: X509 was made opaque in OpenSSL 1.1.0.
Maxim Dounin
mdounin at mdounin.ru
Thu Mar 31 23:57:46 UTC 2016
details: http://hg.nginx.org/nginx/rev/45f2385a47e6
branches:
changeset: 6491:45f2385a47e6
user: Sergey Kandaurov <pluknet at nginx.com>
date: Thu Mar 31 23:38:37 2016 +0300
description:
SSL: X509 was made opaque in OpenSSL 1.1.0.
To increment reference counters we now use newly introduced X509_up_ref()
function.
diffstat:
src/event/ngx_event_openssl_stapling.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diffs (15 lines):
diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@@ -285,7 +285,11 @@ ngx_ssl_stapling_issuer(ngx_conf_t *cf,
for (i = 0; i < n; i++) {
issuer = sk_X509_value(chain, i);
if (X509_check_issued(issuer, cert) == X509_V_OK) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100001L
+ X509_up_ref(issuer);
+#else
CRYPTO_add(&issuer->references, 1, CRYPTO_LOCK_X509);
+#endif
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ssl->log, 0,
"SSL get issuer: found %p in extra certs", issuer);
More information about the nginx-devel
mailing list