Remove tabs and fix debug patch
Juliusz Sosinowicz
parent
ac2d0f3cac
commit
f35ee396d4
|
|
@ -1,6 +1,6 @@
|
|||
diff -ur nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.c nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.c
|
||||
--- nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.c 2019-10-17 09:01:12.991526380 +1000
|
||||
+++ nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.c 2019-10-17 08:32:00.850631120 +1000
|
||||
diff -ur nginx/src/event/ngx_event_openssl.c nginx-debug/src/event/ngx_event_openssl.c
|
||||
--- nginx/src/event/ngx_event_openssl.c 2019-10-29 17:31:13.468021354 +0100
|
||||
+++ nginx-debug/src/event/ngx_event_openssl.c 2019-10-29 17:31:06.152106826 +0100
|
||||
@@ -164,6 +164,11 @@
|
||||
|
||||
#endif
|
||||
|
|
@ -13,100 +13,3 @@ diff -ur nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.c nginx-1.16.1-wolfssl
|
|||
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
|
||||
#ifndef SSL_OP_NO_COMPRESSION
|
||||
{
|
||||
@@ -1579,9 +1584,7 @@
|
||||
{
|
||||
#ifdef TLS1_3_VERSION
|
||||
if (c->ssl->session) {
|
||||
- #if !defined(WOLFSSL_NGINX)
|
||||
SSL_SESSION_up_ref(c->ssl->session);
|
||||
- #endif
|
||||
return c->ssl->session;
|
||||
}
|
||||
#endif
|
||||
diff -ur nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.c.orig nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.c.orig
|
||||
--- nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.c.orig 2019-10-17 08:23:11.313946458 +1000
|
||||
+++ nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.c.orig 2019-10-17 08:30:33.163460161 +1000
|
||||
@@ -384,6 +384,10 @@
|
||||
|
||||
SSL_CTX_set_info_callback(ssl->ctx, ngx_ssl_info_callback);
|
||||
|
||||
+#ifdef WOLFSSL_NGINX
|
||||
+ SSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_NONE, NULL);
|
||||
+#endif
|
||||
+
|
||||
return NGX_OK;
|
||||
}
|
||||
|
||||
@@ -863,6 +867,14 @@
|
||||
|
||||
|
||||
ngx_int_t
|
||||
+ngx_ssl_set_verify_on(ngx_conf_t *cf, ngx_ssl_t *ssl)
|
||||
+{
|
||||
+ SSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_PEER, ngx_ssl_verify_callback);
|
||||
+
|
||||
+ return NGX_OK;
|
||||
+}
|
||||
+
|
||||
+ngx_int_t
|
||||
ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
|
||||
ngx_int_t depth)
|
||||
{
|
||||
@@ -1370,7 +1382,8 @@
|
||||
* maximum interoperability.
|
||||
*/
|
||||
|
||||
-#if (defined SSL_CTX_set1_curves_list || defined SSL_CTRL_SET_CURVES_LIST)
|
||||
+#if (defined SSL_CTX_set1_curves_list || defined SSL_CTRL_SET_CURVES_LIST) || \
|
||||
+ defined(WOLFSSL_NGINX)
|
||||
|
||||
/*
|
||||
* OpenSSL 1.0.2+ allows configuring a curve list instead of a single
|
||||
@@ -3929,7 +3942,8 @@
|
||||
return -1;
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L && \
|
||||
+ (!defined(WOLFSSL_NGINX) || !defined(HAVE_FIPS))
|
||||
if (HMAC_Init_ex(hctx, key[0].hmac_key, size, digest, NULL) != 1) {
|
||||
ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "HMAC_Init_ex() failed");
|
||||
return -1;
|
||||
@@ -3973,7 +3987,8 @@
|
||||
size = 32;
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L && \
|
||||
+ (!defined(WOLFSSL_NGINX) || !defined(HAVE_FIPS))
|
||||
if (HMAC_Init_ex(hctx, key[i].hmac_key, size, digest, NULL) != 1) {
|
||||
ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "HMAC_Init_ex() failed");
|
||||
return -1;
|
||||
diff -ur nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.h nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.h
|
||||
--- nginx-1.16.1-wolfssl/src/event/ngx_event_openssl.h 2019-10-17 09:09:02.955768195 +1000
|
||||
+++ nginx-1.16.1-wolfssl-debug/src/event/ngx_event_openssl.h 2019-10-17 08:30:33.163460161 +1000
|
||||
@@ -14,7 +14,6 @@
|
||||
|
||||
#ifdef WOLFSSL_NGINX
|
||||
#include <wolfssl/options.h>
|
||||
-#include <openssl/pem.h>
|
||||
#endif
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
Only in nginx-1.16.1-wolfssl/src/event: .ngx_event_openssl.h.swp
|
||||
diff -ur nginx-1.16.1-wolfssl/src/http/ngx_http_request.c nginx-1.16.1-wolfssl-debug/src/http/ngx_http_request.c
|
||||
--- nginx-1.16.1-wolfssl/src/http/ngx_http_request.c 2019-10-17 08:49:18.234819519 +1000
|
||||
+++ nginx-1.16.1-wolfssl-debug/src/http/ngx_http_request.c 2019-10-17 08:30:33.163460161 +1000
|
||||
@@ -851,12 +851,6 @@
|
||||
|
||||
|
||||
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
|
||||
-#ifndef SSL_AD_NO_RENEGOTIATION
|
||||
-#define SSL_AD_NO_RENEGOTIATION 100
|
||||
-#endif
|
||||
-#ifndef SSL_AD_INTERNAL_ERROR
|
||||
-#define SSL_AD_INTERNAL_ERROR 80
|
||||
-#endif
|
||||
|
||||
int
|
||||
ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg)
|
||||
|
|
|
|||
|
|
@ -124,11 +124,11 @@ diff -ur nginx/src/event/ngx_event_openssl.c nginx-1.16.1-wolfssl/src/event/ngx_
|
|||
+
|
||||
+ len = i2d_SSL_SESSION(sess, (unsigned char**) &buf);
|
||||
+ if (len <= 0) {
|
||||
+ return -1;
|
||||
+ return -1;
|
||||
+ }
|
||||
+ sess = d2i_SSL_SESSION(NULL, (const unsigned char**) &buf, len);
|
||||
+ if (!sess) {
|
||||
+ return -1;
|
||||
+ return -1;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
|
|
|
|||
Loading…
Reference in New Issue