- This topic has 12 replies, 1 voice, and was last updated 6 months ago by Thijs Eilander.
-
AuthorPosts
-
-
DanGuest
Not the same OpenSSL version?
nginx -V return this info:
built with OpenSSL 3.0.2 15 Mar 2022 (running with OpenSSL 3.0.11+quic 19 Sep 2023) -
Thijs EilanderKeymaster
That’s is strange, what distribution are you using?
Also, did you make by any change an exception for OpenSSL in apt while that was broken?
-
Thijs EilanderKeymaster
This should be the correct output, at least on Bookworm
# nginx -V
nginx version: nginx/1.25.2 (https://deb.myguard.nl/nginx-modules/)
built with OpenSSL 3.0.11+quic 19 Sep 2023 -
DanGuest
I’m just using this PPA: ppa:eilander/nginx
On the Ubuntu 22.04 LTS serverI do not make any changes on Nginx or OpenSSL in apt.
-
Thijs EilanderKeymaster
Ooh Launchpad, yeah I cleaned it out last night. Need to repopulate that again but my OpenSSL builds are rejected somehow
Didn’t know anybody is still using Launchpad for my repo :) Most people are on my own repo. Thanks for reminding me
-
DanGuest
I skip your hosted PPA after encountering this old issue last year:
Release 8.8p1 disables RSA signatures using the SHA-1 hash algorithm by default
As the PPA from Ubuntu works perfect :)
-
Thijs EilanderKeymaster
well, I don’t maintain openssh anymore ;-) Since it can now do what I wanted by default.
-
-
DanGuest
With your hosted PPA, I can still see an update to openssh and I’m afraid it will lock out my SSH again :(
# apt list –upgradable
Listing… Done
eatmydata/jammy,jammy 130-11myguard1~jammy all [upgradable from: 130-2build1]
libeatmydata1/jammy 130-11myguard1~jammy amd64 [upgradable from: 130-2build1]
libfido2-1/jammy 1.13.0-3myguard1~jammy amd64 [upgradable from: 1.10.0-1]
liblmdb0/jammy 0.9.31-3myguard1~jammy amd64 [upgradable from: 0.9.24-1build2]
libpcre2-8-0/jammy 10.42-3myguard1~jammy amd64 [upgradable from: 10.40-1+ubuntu22.04.1+deb.sury.org+1]
libz-ng2/jammy 2.1.4-3myguard1~jammy amd64 [upgradable from: 2.0.6-3myguard1~jammy]
libzstd1/jammy 1.5.5-3myguard11~jammy amd64 [upgradable from: 1.4.8+dfsg-3build1]
myguard/jammy,jammy 231018-1myguard3~jammy all [upgradable from: 231018-1myguard3~bionic]
nginx-light/jammy 1.25.2-3myguard7~jammy amd64 [upgradable from: 1.25.2-3myguard7~jammy]
openssh-client/jammy 1:9.2p1-3myguard3~jammy amd64 [upgradable from: 1:8.9p1-3ubuntu0.4]
openssh-server/jammy 1:9.2p1-3myguard3~jammy amd64 [upgradable from: 1:8.9p1-3ubuntu0.4]
openssh-sftp-server/jammy 1:9.2p1-3myguard3~jammy amd64 [upgradable from: 1:8.9p1-3ubuntu0.4]
zstd/jammy 1.5.5-3myguard11~jammy amd64 [upgradable from: 1.4.8+dfsg-3build1] -
Thijs EilanderKeymaster
oh I thought I removed all the openssh stuff in jammy.
should be gone now, after apt update
-
DanGuest
Thanks for the quick fix.
Any plans on syncing all those updates to Launchpad as well?-
Thijs EilanderKeymaster
Only the NGINX related packages I think.
I’ll have to add a command to each package buildscript to push the source-package to Launchpad and wait for it to build, but Launchpad does some weird things sometimes so I cannot garantuee something will be build, or something will be build after 10 hours or so, thats why I started to host my own repo. (and the fact that I needed to host for debian too)
-
-
DanGuest
Server updated, thank you so much for the update.
nginx version: nginx/1.25.2 (https://deb.myguard.nl/nginx-modules/)
built with OpenSSL 3.0.11+quic 19 Sep 2023
TLS SNI support enabled
configure arguments: –build=https://deb.myguard.nl/nginx-modules/ –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-client-body-temp-path=/var/lib/nginx/body –http-fastcgi-temp-path=/var/lib/nginx/fastcgi –http-log-path=/var/log/nginx/access.log –http-proxy-temp-path=/var/lib/nginx/proxy –http-scgi-temp-path=/var/lib/nginx/scgi –http-uwsgi-temp-path=/var/lib/nginx/uwsgi –lock-path=/var/lock/nginx.lock –modules-path=/usr/lib/nginx/modules –pid-path=/run/nginx.pid –prefix=/usr/share/nginx –with-cc-opt=’-g -ffile-prefix-map=/build/nginx-Y4M7iL/nginx-1.25.2=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -O3 -flto -DNGX_HTTP_HEADERS -DNGX_ZLIB_NG=1 -D_FORTIFY_SOURCE=2 -w -DTCP_FASTOPEN=23 -fPIC -Wdate-time -D_FORTIFY_SOURCE=2′ –with-compat –with-file-aio –with-http_dav_module –with-http_gzip_static_module –with-http_auth_request_module –with-http_realip_module –with-http_slice_module –with-http_ssl_module –with-threads –with-http_v2_module –with-http_v3_module –with-ld-opt=’-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -fPIC -static-libstdc++ -flto -lpcre’ –with-http_sub_module –without-http_browser_module –without-http_geo_module –without-http_limit_req_module –without-http_limit_conn_module –without-http_memcached_module –without-http_referer_module –without-http_split_clients_module –without-http_userid_module -
Thijs EilanderKeymaster
I get tired of Launchpad, I sent the same package 3 times and got 3 different compile errors back :-)
One more try I guess
-
-
AuthorPosts