Win32 Binary - bug in OpenSSL
nginx-forum at nginx.us
Thu Aug 15 13:04:37 UTC 2013
Whilst I'm a militant Unix guy I'm having to use the Win32 version of nginx
for a specific project which requires SSL MiTM proxying as part of a
virtualised app suite. I spent a few hours battling with an SSL error
whereby I would see the Client Hello rapidly followed by a TCP FIN from the
remote server and couldn't figure out what was causing it. I then built from
source on OSX and Linux and an identical config worked without issue.
Turns out from a little reading that there's a bug in OpenSSL v1.1 which is
responsible for this and as OSX and my Linux servers are on v0.9.x they
aren't subject to this bug.
I'm sure everyone is very busy, but the next time you get round to reviewing
the build deps for Windows it would be great if you could keep this in mind.
At present either the backend conversation fails and nginx serves a 502, or
the .exe seg faults and dies completely (depending on what protocol/cipher
combinations you specify).
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,241891,241891#msg-241891
More information about the nginx