Kong compiled from source not patch openssl patches provided by openresty?

xliuqq · December 21, 2018, 3:52am

In openresty Installation docs，it points that openresty compiled from source with option --with-openssl shoud patch

cd openssl-1.0.2k/
patch -p1 < /path/to/openresty/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch

And the openresty 1.13.6.2 source code has three different openssl patches：

openssl-1.0.2h-sess_set_get_cb_yield.patch
openssl-1.1.0c-sess_set_get_cb_yield.patch
openssl-1.1.0d-sess_set_get_cb_yield.patch

Since Kong 1.0 uses openssl 1.1.1a, do I need to patch these when installing kong from source?

hutchic · December 21, 2018, 3:08pm

I converted one of our private repositories to public https://github.com/Kong/kong-build-tools which was on my todo list anyways

It’s not fully in use for building Kong releases (there’s a PR to have it do the daily builds) but I’d still consider it authoritative / good prior art on how to build Kong from source. The openssl specific part within that repository is here https://github.com/Kong/kong-build-tools/blob/master/Dockerfile.openresty#L13-L14

Hopefully the repository README / Makefile greatly simplifies building Kong from source feel free to take it for a spin and ping me any questions / challenges.

thibaultcha · December 22, 2018, 12:22am

Kong does not make use of the OpenResty directives that require these OpenSSL patches. As such, you do not need to apply these patches when installing Kong from source.

Topic		Replies	Views
Building Kong from SRC idea and current error Questions	6	1742	June 13, 2019
Trying to install Kong on mac	3	1872	April 5, 2019
Having trouble installing Kong from source Questions	4	2764	January 26, 2020
Kong on MacOS - Openssl error kong-gateway	1	682	July 1, 2022
Kong 2.4.0-rc.1 available! kong-gateway	0	667	April 6, 2021

Kong compiled from source not patch openssl patches provided by openresty?

Related topics