[PATCH] SSL: let it build against LibreSSL
Maxim Dounin
mdounin at mdounin.ru
Wed Jul 30 00:55:53 UTC 2014
Hello!
On Tue, Jul 29, 2014 at 04:20:20PM -0700, Piotr Sikora wrote:
> # HG changeset patch
> # User Piotr Sikora <piotr at cloudflare.com>
> # Date 1406575677 25200
> # Mon Jul 28 12:27:57 2014 -0700
> # Node ID c1abbfee85b3185c28a279c7935d0bb871933ed8
> # Parent e3086fd5e59335f4f3f165ee74c094a7aca2aeb3
> SSL: let it build against LibreSSL.
>
> LibreSSL developers decided that LibreSSL is OpenSSL-2.0.0, so tests
> for OpenSSL-1.0.2+ are now passing, even though the library doesn't
> provide functions that are expected from that version of OpenSSL.
As previously suggested, this doesn't looks like a right way to
go. If LibreSSL folks continue to insist this is OpenSSL-2.0.0,
then we'll probably have redefine OPENSSL_VERSION_NUMBER
ourselves.
> The #ifndefs around SSL_CTX_set_tmp_rsa_callback() aren't strictly
> necessary, but support for the export cipher suites has been removed
> from LibreSSL, so they clearly mark the unsupported feature.
Same as for BoringSSL patch - I don't think we should add #if's
here.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list