[PATCH] SSL: make ssl_password_file work with recent OpenSSL releases

Sergey Kandaurov pluknet at nginx.com
Thu Oct 30 14:40:10 UTC 2014


On Oct 29, 2014, at 10:27 PM, Piotr Sikora <piotr at cloudflare.com> wrote:
> Hey Sergey,
> 
>> Alternatively, remove error collection that doesn’t really make much sense.
>> It’s an open set and we cannot predict for sure all of them enumerated.
> 
> That's also a valid approach, but the commit is wrong.
> 

So that the issue is resolved now.

>> # HG changeset patch
>> # User Sergey Kandaurov <pluknet at nginx.com>
>> # Date 1414150080 25200
>> #      Fri Oct 24 04:28:00 2014 -0700
>> # Node ID 47728601e542cab9406ea323576f6df5adfff193
>> # Parent  973fded4f461f3a397779b3a1dc80881b1b34974
>> SSL: simplified ssl_password_file error handling.
>> 
>> Instead of collecting a number of the possible SSL_CTX_use_PrivateKey_file()
>> error codes that becomes more and more difficult with the rising variety of
>> OpenSSL versions and its derivatives, just continue with the next passphrase.
>> 
>> This fixes multiple passwords in a single ssl_password_file that was broken
>> after recent OpenSSL changes (commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e).
> 
> Not even "Reported by"? :P
> 

Sure. Committed, thank you.

-- 
Sergey Kandaurov



More information about the nginx-devel mailing list