[nginx] SSL: adopted session ticket handling for OpenSSL 1.1.0.

Maxim Dounin mdounin at mdounin.ru
Tue Oct 18 14:48:35 UTC 2016


details:   http://hg.nginx.org/nginx/rev/e0d1c1e05eef
branches:  stable-1.10
changeset: 6767:e0d1c1e05eef
user:      Sergey Kandaurov <pluknet at nginx.com>
date:      Mon Aug 22 18:53:21 2016 +0300
description:
SSL: adopted session ticket handling for OpenSSL 1.1.0.

Return 1 in the SSL_CTX_set_tlsext_ticket_key_cb() callback function
to indicate that a new session ticket is created, as per documentation.
Until 1.1.0, OpenSSL didn't make a distinction between non-negative
return values.

See https://git.openssl.org/?p=openssl.git;a=commitdiff;h=5c753de for details.

diffstat:

 src/event/ngx_event_openssl.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2900,7 +2900,7 @@ ngx_ssl_session_ticket_key_callback(ngx_
                      ngx_ssl_session_ticket_md(), NULL);
         ngx_memcpy(name, key[0].name, 16);
 
-        return 0;
+        return 1;
 
     } else {
         /* decrypt session ticket */



More information about the nginx-devel mailing list