Changes between Initial Version and Version 1 of Ticket #2503, comment 3


Ignore:
Timestamp:
06/02/23 00:45:07 (18 months ago)
Author:
Sergey Kandaurov

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #2503, comment 3

    initial v1  
    77That's true.  This commit caused build to fail with BoringSSL.
    88The reason is that SSL_get_negotiation_group, as documented in OpenSSL, may return TLSEXT_nid_unknown for unknown groups.  This seems to be a non-sense, but still we have to comply.
    9 BoringSSL added this function in the recent days, and corresponding nginx code now builds a corresponding piece of code.  BoringSSL is going smarter, it doesn't use TLSEXT_nid_unknown, so it was not added there.  Well, it was there long ago, removed together with SSL_get1_curves().
     9BoringSSL added this function in the recent days, and corresponding nginx code now builds with it.  BoringSSL is going smarter, it doesn't use TLSEXT_nid_unknown, so it was not added there.  Well, it was there long ago, removed together with SSL_get1_curves().
    1010
    1111Can you please retry with the most recent BoringSSL ? It should be fixed now in https://boringssl.googlesource.com/boringssl/+/28c24092e39bfd70852afa2923a3d12d2e9be2f5