Mercurial > hg > nginx
changeset 9200:ee40e2b1d083
SSL: reasonable version for LibreSSL adjusted.
OPENSSL_VERSION_NUMBER is now redefined to 0x1010000fL for LibreSSL 3.5.0
and above. Building with older LibreSSL versions, such as 2.8.0, may now
produce warnings (see cab37803ebb3) and may require appropriate compiler
options to suppress them.
Notably, this allows to start using SSL_get0_verified_chain() appeared
in OpenSSL 1.1.0 and LibreSSL 3.5.0, without additional macro tests.
Prodded by Ilya Shipitsin.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 25 Dec 2023 21:15:48 +0400 |
parents | 875cd36b8617 |
children | 791ead216b03 |
files | src/event/ngx_event_openssl.h src/event/ngx_event_openssl_stapling.c |
diffstat | 2 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.h Mon Dec 25 21:15:47 2023 +0400 +++ b/src/event/ngx_event_openssl.h Mon Dec 25 21:15:48 2023 +0400 @@ -45,7 +45,7 @@ #if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) #undef OPENSSL_VERSION_NUMBER -#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL) +#if (LIBRESSL_VERSION_NUMBER >= 0x3050000fL) #define OPENSSL_VERSION_NUMBER 0x1010000fL #else #define OPENSSL_VERSION_NUMBER 0x1000107fL
--- a/src/event/ngx_event_openssl_stapling.c Mon Dec 25 21:15:47 2023 +0400 +++ b/src/event/ngx_event_openssl_stapling.c Mon Dec 25 21:15:48 2023 +0400 @@ -893,7 +893,7 @@ ocsp->cert_status = V_OCSP_CERTSTATUS_GOOD; ocsp->conf = ocf; -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= 0x10100000L ocsp->certs = SSL_get0_verified_chain(c->ssl->connection);