Date: Fri, 2 Apr 2021 11:07:38 +0300 From: Lev Serebryakov <lev@FreeBSD.org> To: Miroslav Lachman <000.fbsd@quip.cz>, freebsd-ports@freebsd.org Subject: Re: Port's OpenSSL 1.1.1k, 1 on FreeBSD 11-STABLE shows strange error (Inappropriate ioctl for device) on handshake (Server-side) Message-ID: <003fc033-b76c-9f6f-0db5-d34d92a166dc@FreeBSD.org> In-Reply-To: <488123c1-afa1-a63c-5d91-b9c1488cb852@quip.cz> References: <cfbf5e87-0872-4366-5697-315a75963c2f@FreeBSD.org> <488123c1-afa1-a63c-5d91-b9c1488cb852@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01.04.2021 18:24, Miroslav Lachman wrote: > On 01/04/2021 00:10, Lev Serebryakov wrote: >> >> System is 11.4-STABLE r366937. >> >> I've ports built with OpenSSL from ports (DEFAULT_VERSIONS+=ssl=openssl). After upgrade to latest 1.1.1k,1 my nginx reject HTTPS connections with cryptic >> >> SSL_do_handshake() failed (SSL: error:02015019:system library:ioctl:Inappropriate ioctl for device error:1427D044:SSL routines:construct_stateless_ticket:internal error error:02015019:system library:ioctl:Inappropriate ioctl for device) >> >> What happens? What did I do wrong? >> >> Previous OpenSSL version worked without problem. > > We are using FreeBSD 11.4 with port's OpenSSL too. Already deployed newer version of OpenSSL on all machines without any troubles. (Apache / Nginx / Lighttpd / Postfix / ProFTPd and some other openssl library consumers) > > Do you have any special SSL / TLS configuration in nginx.conf? (protocol version, ciphers etc.) It is https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254643 — I have `cryptodev` in my kernel (statically linked!). -- // Lev Serebryakov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003fc033-b76c-9f6f-0db5-d34d92a166dc>