[nginx] SSL: fix build with recent OpenSSL.
Maxim Dounin
mdounin at mdounin.ru
Fri Jul 11 15:58:04 UTC 2014
details: http://hg.nginx.org/nginx/rev/abd460ece11e
branches:
changeset: 5767:abd460ece11e
user: Piotr Sikora <piotr at cloudflare.com>
date: Wed Jul 09 12:27:15 2014 -0700
description:
SSL: fix build with recent OpenSSL.
X509_check_host() prototype changed recently:
- http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ced3d91
- http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=297c67f
Bump version requirement, so that OpenSSL-1.0.2-beta1 uses fallback code.
Signed-off-by: Piotr Sikora <piotr at cloudflare.com>
diffstat:
src/event/ngx_event_openssl.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (39 lines):
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -50,7 +50,7 @@ static int ngx_ssl_session_ticket_key_ca
HMAC_CTX *hctx, int enc);
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if OPENSSL_VERSION_NUMBER < 0x10002002L
static ngx_int_t ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *str);
#endif
@@ -2733,7 +2733,7 @@ ngx_ssl_check_host(ngx_connection_t *c,
return NGX_ERROR;
}
-#if OPENSSL_VERSION_NUMBER >= 0x10002001L
+#if OPENSSL_VERSION_NUMBER >= 0x10002002L
/* X509_check_host() is only available in OpenSSL 1.0.2+ */
@@ -2741,7 +2741,7 @@ ngx_ssl_check_host(ngx_connection_t *c,
goto failed;
}
- if (X509_check_host(cert, name->data, name->len, 0) != 1) {
+ if (X509_check_host(cert, (char *) name->data, name->len, 0, NULL) != 1) {
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
"X509_check_host(): no match");
goto failed;
@@ -2850,7 +2850,7 @@ found:
}
-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if OPENSSL_VERSION_NUMBER < 0x10002002L
static ngx_int_t
ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *pattern)
More information about the nginx-devel
mailing list