mirror of https://github.com/hak5/openwrt.git
eea3a9625c
This adds patches to avoid possible application breakage caused by a
change in behavior introduced in 1.1.1e. It affects at least nginx,
which logs error messages such as:
nginx[16652]: [crit] 16675#0: *358 SSL_read() failed (SSL: error:
4095126:SSL routines:ssl3_read_n:unexpected eof while reading) while
keepalive, client: xxxx, server: [::]:443
Openssl commits db943f4 (Detect EOF while reading in libssl), and
22623e0 (Teach more BIOs how to handle BIO_CTRL_EOF) changed the
behavior when encountering an EOF in SSL_read(). Previous behavior was
to return SSL_ERROR_SYSCALL, but errno would still be 0. The commits
being reverted changed it to SSL_ERRO_SSL, and add an error to the
stack, which is correct. Unfortunately this affects a number of
applications that counted on the old behavior, including nginx.
The reversion was discussed in openssl/openssl#11378, and implemented as
PR openssl/openssl#11400.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| argp-standalone | ||
| elfutils | ||
| gettext | ||
| gettext-full | ||
| gmp | ||
| libbsd | ||
| libconfig | ||
| libevent2 | ||
| libiconv | ||
| libiconv-full | ||
| libjson-c | ||
| libmnl | ||
| libnetfilter-conntrack | ||
| libnetfilter-cthelper | ||
| libnetfilter-cttimeout | ||
| libnetfilter-log | ||
| libnetfilter-queue | ||
| libnfnetlink | ||
| libnftnl | ||
| libnl | ||
| libnl-tiny | ||
| libpcap | ||
| libroxml | ||
| libtool | ||
| libubox | ||
| libunwind | ||
| libusb | ||
| libusb-compat | ||
| lzo | ||
| mbedtls | ||
| ncurses | ||
| nettle | ||
| nghttp2 | ||
| openssl | ||
| popt | ||
| readline | ||
| sysfsutils | ||
| toolchain | ||
| uclibc++ | ||
| uclient | ||
| ustream-ssl | ||
| wolfssl | ||
| zlib | ||