[nginx] SSL: fixed testing OPENSSL_VERSION_NUMBER for OpenSSL 3.0+.
noreply at nginx.com
noreply at nginx.com
Thu Jul 10 15:01:02 UTC 2025
details: https://github.com/nginx/nginx/commit/a5ca38f30392e93aadc32cf5955c29fddcaa3871
branches: master
commit: a5ca38f30392e93aadc32cf5955c29fddcaa3871
user: Sergey Kandaurov <pluknet at nginx.com>
date: Tue, 8 Jul 2025 18:07:04 +0400
description:
SSL: fixed testing OPENSSL_VERSION_NUMBER for OpenSSL 3.0+.
Prior to OpenSSL 3.0, OPENSSL_VERSION_NUMBER used the following format:
MNNFFPPS: major minor fix patch status
Where the status nibble (S) has 0+ for development and f for release.
The format was changed in OpenSSL 3.0.0, where it is always zero:
MNN00PP0: major minor patch
---
src/event/ngx_event_openssl.c | 2 +-
src/event/ngx_event_openssl.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index fc7f26655..ff604c562 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1374,7 +1374,7 @@ ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file)
if (SSL_CTX_set0_tmp_dh_pkey(ssl->ctx, dh) != 1) {
ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
"SSL_CTX_set0_tmp_dh_pkey(\"%s\") failed", file->data);
-#if (OPENSSL_VERSION_NUMBER >= 0x3000001fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x30000010L)
EVP_PKEY_free(dh);
#endif
BIO_free(bio);
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index 61ce16dab..0c9e9e840 100644
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -96,7 +96,7 @@
#endif
-#if (OPENSSL_VERSION_NUMBER < 0x3000000fL)
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
#define SSL_group_to_name(s, nid) NULL
#endif
More information about the nginx-devel
mailing list