> After using 1.1.1e, see also the commit where an explicit entry has been > added. > nginx just reports back what openssl passes, if this was unexpected (none > critical) nginx needs to be patched, if not this openssl workaround (10880) > needs to be changed.
Any comment on this from any nginx devs? Been running 1.1.1c for some time and out of curiosity upgraded to 1.1.1e and indeed there are a lot of "(SSL: error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading)". Is it "safe" to temporary revert the patch to reduce the noise (as per the github thread - the EOF (other than the "data loss") most likely has been there previously just not being returned as error) or are there more deeper problems with openssl/tls 1.3 etc? Also since there are no plans to implement quic even in openssl 3.0 does it maybe make sense to compile nginx with BoringSSL? rr _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
