mirror of
https://git.openwrt.org/feed/packages.git
synced 2024-06-26 09:37:44 +02:00
nginx: QUIC: Fix SSL 3.0 deprecated function
`EVP_CIPHER_CTX_cipher()` function was deprecated in OpenSSL 3.0. As per OpenSSL's recommendation (https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_CTX_get0_cipher.html) switch to using `EVP_CIPHER_CTX_get0_cipher()` instead. With this change and recent commit to nginx-util #23935. We should now be able to build nginx + modules with fully compliant calls to OpenSSL 3.0+ with legacy features disabled. Signed-off-by: Sean Khan <datapronix@protonmail.com> Link: https://github.com/openwrt/packages/pull/24005 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This commit is contained in:
parent
5929af4eb4
commit
97082f12a6
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=nginx
|
||||
PKG_VERSION:=1.25.5
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://nginx.org/download/
|
||||
|
|
12
net/nginx/patches/nginx/300-fix-deprecated-openssl-3_0.patch
Normal file
12
net/nginx/patches/nginx/300-fix-deprecated-openssl-3_0.patch
Normal file
|
@ -0,0 +1,12 @@
|
|||
--- a/src/event/quic/ngx_event_quic_protection.c
|
||||
+++ b/src/event/quic/ngx_event_quic_protection.c
|
||||
@@ -510,7 +510,7 @@ ngx_quic_crypto_common(ngx_quic_secret_t
|
||||
}
|
||||
}
|
||||
|
||||
- if (EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(ctx)) == EVP_CIPH_CCM_MODE
|
||||
+ if (EVP_CIPHER_mode(EVP_CIPHER_CTX_get0_cipher(ctx)) == EVP_CIPH_CCM_MODE
|
||||
&& EVP_CipherUpdate(ctx, NULL, &len, NULL, in->len) != 1)
|
||||
{
|
||||
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CipherUpdate() failed");
|
||||
|
Loading…
Reference in New Issue
Block a user