OpenSSL error #74
Comments
|
Hello @Rar9, thanks for your report. |
|
i tied with fully removing plesk nginx ... reboot and re-enableing ... Question is your script NOT preventing the Plesk Nginx update so your complied version doesnt get overwritten? |
|
Issue has been fixed with PR #75. |
|
Again get openssl Fail etected OS : Ubuntu 18.04.3 LTS
|
|
with openssl 1.1.1c it seams to work. |
It looks like plesk updated it own nginx today.
So i tried to run the script once more, but i get openssl error.
root@mail ~ # bash <(wget -O - vtb.cx/nginx-ee || curl -sL vtb.cx/nginx-ee) --interactive
Redirecting output to ‘wget-log’.
Welcome to the nginx-ee bash script v3.6.3
Do you want to compile the latest Nginx [1] Mainline v1.17.3 or [2] Stable v1.16.1 Release ?
Select an option [1-2]:
1
Do you want Ngx_Pagespeed ? (y/n)
Select an option [y/n]:
y
What Ngx_Pagespeed release do you want ?
[1] Beta Release
[2] Stable Release
Select an option [1-2]:
1
Do you prefer to compile Nginx with OpenSSL [1] or LibreSSL [2] ? (y/n)
[1] OpenSSL
[2] LibreSSL
Select an option [1-2]:
1
What OpenSSL release do you want ?
[1] OpenSSL stable 1.1.1c
[2] OpenSSL dev 3.0.0-dev
[3] OpenSSL from system lib
Select an option [1-2-3]:
2
Do you want NAXSI WAF (still experimental)? (y/n)
Select an option [y/n]:
y
Do you want RTMP streaming module (used for video streaming) ? (y/n)
Select an option [y/n]:
n
Do you want to build modules as dynamic modules? (y/n)
Select an option [y/n]:
y
Do you want to setup nginx-ee auto-update cronjob ? (y/n)
Select an option [y/n]:
y
##################################
Compilation summary
##################################
Detected OS : Ubuntu 18.04.3 LTS
Detected Arch : x86_64
Nginx release : 1.17.3
OPENSSL : 3.0.0-dev
Dynamic modules YES
Pagespeed : beta
Naxsi : YES
RTMP : NO
Plesk : YES
Installing dependencies [OK]
Installing gcc-8 [OK]
Downloading additionals modules [OK]
Downloading zlib [OK]
Downloading pcre [OK]
Downloading brotli [OK]
Downloading naxsi [OK]
Downloading openssl [FAIL] [..]
Please look at /tmp/nginx-ee.log
root@mail ~ # nginx -V
nginx version: nginx/1.16.1
built with OpenSSL 1.1.1 11 Sep 2018 (running with OpenSSL 1.1.1c 28 May 2019)
TLS SNI support enabled
configure arguments: --prefix=/usr/share --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --modules-path=/usr/share/nginx/modules --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --user=nginx --group=nginx --with-ipv6 --with-file-aio --with-http_v2_module --with-compat --with-http_ssl_module --with-http_realip_module --with-http_sub_module --with-http_dav_module --with-http_gzip_static_module --with-http_stub_status_module --add-dynamic-module=/usr/share/passenger/ngx_http_passenger_module --add-dynamic-module=../incubator-pagespeed-ngx-1.13.35.2-stable
root@mail ~ # cat /tmp/nginx-ee.log
Reading package lists...
Building dependency tree...
Reading state information...
autoconf is already the newest version (2.69-11).
automake is already the newest version (1:1.15.1-3ubuntu2).
autotools-dev is already the newest version (20180224.1).
build-essential is already the newest version (12.4ubuntu1).
libbsd-dev is already the newest version (0.8.7-1).
libgeoip-dev is already the newest version (1.6.12-1).
libgmp-dev is already the newest version (2:6.1.2+dfsg-2).
libgoogle-perftools-dev is already the newest version (2.5-2.2ubuntu3).
libreadline-dev is already the newest version (7.0-3).
libtool is already the newest version (2.4.6-2).
libbz2-ocaml is already the newest version (0.6.0-7build2).
libbz2-ocaml-dev is already the newest version (0.6.0-7build2).
libjemalloc-dev is already the newest version (3.6.0-11).
git is already the newest version (1:2.17.1-1ubuntu0.4).
gnupg is already the newest version (2.2.4-1ubuntu1.2).
libbz2-1.0 is already the newest version (1.0.6-8.1ubuntu0.2).
libbz2-dev is already the newest version (1.0.6-8.1ubuntu0.2).
libperl-dev is already the newest version (5.26.1-6ubuntu0.3).
perl is already the newest version (5.26.1-6ubuntu0.3).
gnupg2 is already the newest version (2.2.4-1ubuntu1.2).
libpam0g-dev is already the newest version (1.1.8-3.6ubuntu2.18.04.1).
software-properties-common is already the newest version (0.96.24.32.11).
tar is already the newest version (1.29b-2ubuntu0.1).
libgd-dev is already the newest version (2.2.5-5.2+ubuntu18.04.1+deb.sury.org+1).
libxml2-dev is already the newest version (2.9.9+dfsg-1+ubuntu18.04.1+deb.sury.org+1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
downloading additionals modules
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
Already up to date.
From https://github.com/masonicboom/ipscrub
Already up to date.
additionals modules downloaded
git pull zlib-cf
fatal: not a git repository (or any of the parent directories): .git
cloning zlib-cf
fatal: destination path '/usr/local/src/zlib-cf' already exists and is not an empty directory.
make distclean
rm -f .o .lo *~
example minigzip examplesh minigzipsh
example64 minigzip64
infcover
libz. foo.gz so_locations
_match.s maketree contrib/infback9/.o
rm -rf objs
rm -f .gcda .gcno .gcov
rm -f contrib/infback9/.gcda contrib/infback9/.gcno contrib/infback9/.gcov
cp -p zconf.h.in zconf.h
rm -f Makefile zlib.pc configure.log
configure zlib-cf
Checking for gcc...
Checking for shared library support...
Building shared library libz.so.1.2.8 with gcc.
Checking for off64_t... Yes.
Checking for fseeko... Yes.
Checking for strerror... Yes.
Checking for unistd.h... Yes.
Checking for stdarg.h... Yes.
Checking whether to use vs[n]printf() or s[n]printf()... using vs[n]printf().
Checking for vsnprintf() in stdio.h... Yes.
Checking for return value of vsnprintf()... Yes.
Checking for attribute(visibility) support... Yes.
Checking for CRC and SSE4.2 support ... Yes
Checking for PCLMUL support ... Yes
cloning openssl
Cloning into '/usr/local/src/openssl'...
git checkout commit
fatal: reference is not a tree: 3bbec1afed1c65b6f7f645b27808b070e6e7a509
Cloning into '/usr/local/src/openssl-patch'...
openssl ciphers patch
patching file crypto/err/openssl.txt
Hunk #1 succeeded at 3019 (offset 76 lines).
Hunk #2 succeeded at 3127 (offset 76 lines).
can't find file to patch at input line 28
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
|diff --git a/doc/man1/ciphers.pod b/doc/man1/ciphers.pod
|index e29c5d7ced..7d795c390e 100644
|--- a/doc/man1/ciphers.pod
|+++ b/doc/man1/ciphers.pod
File to patch:
Skip this patch? [y]
Skipping patch.
1 out of 1 hunk ignored
patching file include/openssl/sslerr.h
Hunk #1 succeeded at 603 (offset 2 lines).
Hunk #2 succeeded at 735 (offset 2 lines).
patching file ssl/s3_lib.c
Hunk #9 succeeded at 4117 (offset 1 line).
Hunk #10 succeeded at 4137 (offset 1 line).
Hunk #11 succeeded at 4181 (offset 1 line).
Hunk #12 succeeded at 4218 (offset 1 line).
Hunk #13 succeeded at 4249 (offset 1 line).
Hunk #14 succeeded at 4268 (offset 1 line).
Hunk #15 succeeded at 4283 (offset 1 line).
Hunk #16 succeeded at 4295 (offset 1 line).
patching file ssl/ssl_ciph.c
Hunk #16 FAILED at 1441.
Hunk #17 FAILED at 1454.
Hunk #18 succeeded at 1464 (offset 1 line).
Hunk #19 succeeded at 1526 (offset 1 line).
Hunk #20 succeeded at 1544 (offset 1 line).
Hunk #21 succeeded at 1558 (offset 1 line).
Hunk #22 succeeded at 1583 (offset 1 line).
Hunk #23 succeeded at 1599 (offset 1 line).
Hunk #24 succeeded at 1624 (offset 1 line).
Hunk #25 succeeded at 1650 (offset 1 line).
Hunk #26 succeeded at 1674 (offset 1 line).
2 out of 26 hunks FAILED -- saving rejects to file ssl/ssl_ciph.c.rej
patching file ssl/ssl_err.c
Hunk #1 succeeded at 255 (offset -712 lines).
Hunk #2 succeeded at 492 (offset -712 lines).
patching file ssl/ssl_lib.c
Hunk #1 succeeded at 1127 (offset 5 lines).
Hunk #2 succeeded at 1236 (offset 5 lines).
Hunk #3 succeeded at 2636 (offset 7 lines).
Hunk #4 succeeded at 2712 (offset 7 lines).
Hunk #5 succeeded at 3161 (offset 7 lines).
Hunk #6 succeeded at 3337 (offset 7 lines).
Hunk #7 succeeded at 4013 (offset 7 lines).
patching file ssl/ssl_locl.h
patching file ssl/statem/statem_srvr.c
Hunk #4 succeeded at 2255 (offset -2 lines).
The text was updated successfully, but these errors were encountered: