Re: [PATCH] SSL: guard use of all SSL options for bug workarounds

Hey Maxim, After looking into http://trac.nginx.org/nginx/ticket/618, I'm rather sceptical about BoringSSL-related fixes. To be fair, it was a regression that was fixed pretty fast once reported. On the other hand, if they indeed remove something we use, it may be a good enough reason to

Re: [PATCH] SSL: guard use of all SSL options for bug workarounds

Wouldn't it be better to drop support for ancient OpenSSL versions? It would be a great step for performance and security. Are there any good reasons to support old OpenSSL versions? Richard On 9/8/2014 10:06 AM, Piotr Sikora wrote: Hey Maxim, After looking into

[nginx] SSL: guard use of all SSL options for bug workarounds.

details: http://hg.nginx.org/nginx/rev/275e35d54626 branches: changeset: 5823:275e35d54626 user: Piotr Sikora pi...@cloudflare.com date: Wed Sep 03 14:49:55 2014 -0700 description: SSL: guard use of all SSL options for bug workarounds. Some of the OpenSSL forks (read: BoringSSL)

Re: SASL support for mail proxy in NGINX

--On Friday, August 22, 2014 5:50 PM -0500 Kunal Pariani kpari...@zimbra.com wrote: Hello, Wanted to know if there's a plan to add SASL support to Nginx anytime soon ? Zimbra has patches that add SASL support for POP3 IMAP. Would you be interested in that as a contribution from us ? We

[nginx] Fixed ETag memory allocation error handling.

details: http://hg.nginx.org/nginx/rev/51fe42cc7876 branches: changeset: 5825:51fe42cc7876 user: Maxim Dounin mdou...@mdounin.ru date: Mon Sep 08 21:36:03 2014 +0400 description: Fixed ETag memory allocation error handling. The etag-hash must be set to 0 to avoid an empty ETag

[nginx] Core: ngx_regex_compile() error handling fixes.

details: http://hg.nginx.org/nginx/rev/e7f6991eca47 branches: changeset: 5824:e7f6991eca47 user: Maxim Dounin mdou...@mdounin.ru date: Mon Sep 08 21:35:53 2014 +0400 description: Core: ngx_regex_compile() error handling fixes. Now we actually return NGX_ERROR on errors, and provide

Re: SASL support for mail proxy in NGINX

--On Tuesday, September 09, 2014 12:49 AM +0400 Maxim Dounin mdou...@mdounin.ru wrote: We plan on adding SASL support to SMTP as well unless you guys have plan to do that already ? Any nginx developers have any thoughts on this? When talking to mail backends, nginx doesn't use SASL for

Re: SASL support for mail proxy in NGINX

Hello! On Mon, Sep 08, 2014 at 03:28:01PM -0700, Quanah Gibson-Mount wrote: --On Tuesday, September 09, 2014 12:49 AM +0400 Maxim Dounin mdou...@mdounin.ru wrote: We plan on adding SASL support to SMTP as well unless you guys have plan to do that already ? Any nginx developers have

Re: [PATCH] SSL: guard use of all SSL options for bug workarounds

Hello! On Mon, Sep 08, 2014 at 11:48:28PM +0200, Richard Fussenegger, BSc wrote: On 9/8/2014 7:22 PM, Maxim Dounin wrote: Hello! On Mon, Sep 08, 2014 at 01:01:02PM +0200, Richard Fussenegger, BSc wrote: Wouldn't it be better to drop support for ancient OpenSSL versions? It would be a