You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by GitBox <gi...@apache.org> on 2021/03/01 17:25:16 UTC
[GitHub] [trafficserver] bneradt commented on issue #7561: CI OpenSSL version needs 1.1.1e updates for SSL_set_tlsext_host_name
bneradt commented on issue #7561:
URL: https://github.com/apache/trafficserver/issues/7561#issuecomment-788126288
The latest version of OpenSSL-quic breaks the TLS handshake for AuTests when ATS is built against it. @duke8253 suggested I use a draft-29 version which worked fine locally. I deployed it to all the CI systems and all the AuTests passed for his PR:
https://github.com/apache/trafficserver/pull/7537
To record what I did:
1. I copied the current versions of /opt/openssl-quic to /opt/openssl-quic_quic-draft-22, preserving the old version in case we need it and recording the branch from which it was built which I derived from a git search.
2. @zwoop pointed me to https://github.com/apache/trafficserver/blob/master/tools/build_h3_tools.sh. I copied that onto the jenkins master box.
2. I modified build_h3_tools.sh to just build and install openssl-quic using the OpenSSL_1_1_1g-quic-draft-29, installing to /opt/openssl-quic_OpenSSL_1_1_1g-quic-draft-29
3. I then symbolic linked /opt/openssl-quic to the new /opt/openssl-quic_OpenSSL_1_1_1g-quic-draft-29
4. I then applied these same changes to each of the CI agent machines (moving the old directory to the specified location, rsync'ed the new openssl-quic draft 29 version, and then symbolic linked /opt/openssl-quic).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org