[PATCH 2 of 2] SSL: let it build against LibreSSL

Piotr Sikora piotr at cloudflare.com
Wed Jul 30 11:42:13 UTC 2014


# HG changeset patch
# User Piotr Sikora <piotr at cloudflare.com>
# Date 1406719936 25200
#      Wed Jul 30 04:32:16 2014 -0700
# Node ID e0eaf2d92a8cee90abe592d7ac01d3118cb0853a
# Parent  45ed2f1f0a6a568b6e9bfe31a28172c1ebcf5d8c
SSL: let it build against LibreSSL.

LibreSSL developers decided that LibreSSL is OpenSSL-2.0.0, so tests
for OpenSSL-1.0.2+ are now passing, even though the library doesn't
provide functions that are expected from that version of OpenSSL.

Signed-off-by: Piotr Sikora <piotr at cloudflare.com>

diff -r 45ed2f1f0a6a -r e0eaf2d92a8c src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	Wed Jul 30 04:32:15 2014 -0700
+++ b/src/event/ngx_event_openssl.c	Wed Jul 30 04:32:16 2014 -0700
@@ -50,7 +50,7 @@ static int ngx_ssl_session_ticket_key_ca
     HMAC_CTX *hctx, int enc);
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10002002L
+#if (OPENSSL_VERSION_NUMBER < 0x10002002L || defined LIBRESSL_VERSION_NUMBER)
 static ngx_int_t ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *str);
 #endif
 
@@ -2743,7 +2743,7 @@ ngx_ssl_check_host(ngx_connection_t *c, 
         return NGX_ERROR;
     }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10002002L
+#if (OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined LIBRESSL_VERSION_NUMBER)
 
     /* X509_check_host() is only available in OpenSSL 1.0.2+ */
 
@@ -2860,7 +2860,7 @@ found:
 }
 
 
-#if OPENSSL_VERSION_NUMBER < 0x10002002L
+#if (OPENSSL_VERSION_NUMBER < 0x10002002L || defined LIBRESSL_VERSION_NUMBER)
 
 static ngx_int_t
 ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *pattern)



More information about the nginx-devel mailing list