From: voidlinux-github@inbox.vuxu.org
To: ml@inbox.vuxu.org
Subject: [PR PATCH] nginx: add patch to fix OCSP stapling with libressl.
Date: Sat, 06 Jul 2019 20:13:11 +0200 [thread overview]
Message-ID: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-12850@inbox.vuxu.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 351 bytes --]
There is a new pull request by Gottox against master on the void-packages repository
https://github.com/Gottox/void-packages nginx-fix-ocsp-stapling
https://github.com/void-linux/void-packages/pull/12850
nginx: add patch to fix OCSP stapling with libressl.
A patch file from https://github.com/void-linux/void-packages/pull/12850.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-nginx-fix-ocsp-stapling-12850.patch --]
[-- Type: application/text/x-diff, Size: 2159 bytes --]
From c4d6396bbe6aa946ea9f398c0e6729f72c863050 Mon Sep 17 00:00:00 2001
From: Enno Boland <gottox@voidlinux.org>
Date: Sat, 6 Jul 2019 20:10:11 +0200
Subject: [PATCH] nginx: add patch to fix OCSP stapling with libressl.
---
.../fix-libressl-stapling-issues.patch | 27 +++++++++++++++++++
srcpkgs/nginx/template | 2 +-
2 files changed, 28 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/nginx/patches/fix-libressl-stapling-issues.patch
diff --git a/srcpkgs/nginx/patches/fix-libressl-stapling-issues.patch b/srcpkgs/nginx/patches/fix-libressl-stapling-issues.patch
new file mode 100644
index 00000000000..f91962c54ce
--- /dev/null
+++ b/srcpkgs/nginx/patches/fix-libressl-stapling-issues.patch
@@ -0,0 +1,27 @@
+ref: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237757#c5
+--- src/event/ngx_event_openssl_stapling.c.org 2019-05-12 23:56:58.526833000 +0200
++++ src/event/ngx_event_openssl_stapling.c 2019-05-13 01:31:53.737800000 +0200
+@@ -298,7 +298,10 @@
+ SSL_CTX_select_current_cert(ssl->ctx, cert);
+ #endif
+
+-#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
++#ifdef SSL_CTX_get0_chain_certs
++ /* OpenSSL 1.0.2+ */
++ SSL_CTX_get0_chain_certs(ssl->ctx, &chain);
++#elif SSL_CTRL_GET_EXTRA_CHAIN_CERTS
+ /* OpenSSL 1.0.1+ */
+ SSL_CTX_get_extra_chain_certs(ssl->ctx, &chain);
+ #else
+@@ -655,7 +658,10 @@
+ SSL_CTX_select_current_cert(staple->ssl_ctx, ctx->cert);
+ #endif
+
+-#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
++#ifdef SSL_CTX_get0_chain_certs
++ /* OpenSSL 1.0.2+ */
++ SSL_CTX_get0_chain_certs(staple->ssl_ctx, &chain);
++#elif SSL_CTRL_GET_EXTRA_CHAIN_CERTS
+ /* OpenSSL 1.0.1+ */
+ SSL_CTX_get_extra_chain_certs(staple->ssl_ctx, &chain);
+ #else
diff --git a/srcpkgs/nginx/template b/srcpkgs/nginx/template
index 3b89955b633..1d73f6a2b75 100644
--- a/srcpkgs/nginx/template
+++ b/srcpkgs/nginx/template
@@ -1,7 +1,7 @@
# Template file for 'nginx'
pkgname=nginx
version=1.16.0
-revision=2
+revision=3
build_style=gnu-makefile
makedepends="libressl-devel pcre-devel $(vopt_if geoip 'geoip-devel')"
short_desc="High performance web and reverse proxy server"
next reply other threads:[~2019-07-06 18:13 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-06 18:13 voidlinux-github [this message]
2019-07-10 7:21 ` [PR PATCH] [Merged]: " voidlinux-github
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-12850@inbox.vuxu.org \
--to=voidlinux-github@inbox.vuxu.org \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).