nginx: QUIC: Fix SSL 3.0 deprecated function #24005
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openips
approved these changes
Apr 24, 2024
|
@qosmio did we check if nginx already doesn't have this fix in some dev branch? Also can we think of proposing this fix to nginx mailing list? |
|
That's actually a good idea. I haven't submitted patches upstream, mostly due to NGINX team using Mercurial and patchbomb, neither of which I'm too familiar. I'll take a stab at it though. |
|
@qosmio keep me informed... i also remember sending a patch but i lost track of it. |
|
@qosmio I checked how to send patch and it's not that hard... Send the mail to yourself first to make sure everything is OK. |
Ansuel
force-pushed
the
nginx-quic-ssl-3.0-deprecation
branch
from
9ec1a42
to
2908532
Compare
Ansuel
pushed a commit
to qosmio/packages
that referenced
this pull request
May 6, 2024
`EVP_CIPHER_CTX_cipher()` function was deprecated in OpenSSL 3.0. As per OpenSSL's recommendation (https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_CTX_get0_cipher.html) switch to using `EVP_CIPHER_CTX_get0_cipher()` instead. With this change and recent commit to nginx-util openwrt#23935. We should now be able to build nginx + modules with fully compliant calls to OpenSSL 3.0+ with legacy features disabled. Signed-off-by: Sean Khan <datapronix@protonmail.com> Link: openwrt#24005 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
@qosmio can you refresh patch and also bump the nginx package? |
|
Sorry I didn't get a chance to reply before. Will clean up and increment the build today.
UPDATE: Done!
|
qosmio
force-pushed
the
nginx-quic-ssl-3.0-deprecation
branch
from
2908532
to
3008de1
Compare
`EVP_CIPHER_CTX_cipher()` function was deprecated in OpenSSL 3.0. As per OpenSSL's recommendation (https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_CTX_get0_cipher.html) switch to using `EVP_CIPHER_CTX_get0_cipher()` instead. With this change and recent commit to nginx-util openwrt#23935. We should now be able to build nginx + modules with fully compliant calls to OpenSSL 3.0+ with legacy features disabled. Signed-off-by: Sean Khan <datapronix@protonmail.com> Link: openwrt#24005 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Ansuel
force-pushed
the
nginx-quic-ssl-3.0-deprecation
branch
from
3008de1
to
97082f1
Compare
hnyyghk
pushed a commit
to hnyyghk/OpenWrt_Nginx-QUIC
that referenced
this pull request
Oct 22, 2024
`EVP_CIPHER_CTX_cipher()` function was deprecated in OpenSSL 3.0. As per OpenSSL's recommendation (https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_CTX_get0_cipher.html) switch to using `EVP_CIPHER_CTX_get0_cipher()` instead. With this change and recent commit to nginx-util #23935. We should now be able to build nginx + modules with fully compliant calls to OpenSSL 3.0+ with legacy features disabled. Signed-off-by: Sean Khan <datapronix@protonmail.com> Link: openwrt/packages#24005 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 97082f12a6de70625e21bc22fe2d0c1f65797f52)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
EVP_CIPHER_CTX_cipher()function was deprecated in OpenSSL 3.0. As per OpenSSL's recommendation (https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_CTX_get0_cipher.html) switch to usingEVP_CIPHER_CTX_get0_cipher()instead.This would remedy the following:
With this change and recent commit to nginx-util #23935. We should now be able to build
nginx+moduleswith fully compliant calls to OpenSSL 3.0+, with legacy features disabled.Run tested: aarch64, Dynalink DL-WRX36, Master Branch
Maintainer: Thomas Heil heil@terminal-consulting.de, Christian Marangi ansuelsmth@gmail.com