Closed Synchro closed 7 years ago
Mostly same as issue #2
This is not possible, since this means I also need to maintain openssl, and considering openssl is major security library which needs very frequent updates, this is possible only in team or on paid basis. However this could be possible without backporting security updates, in one person with using build robot and always upstream last version (probably the way to do it, if you really need it).
Wouldn't it be possible as a git submodule, so you wouldn't need to maintain it?
I make bundle releases usually after nginx mainstream version updates (and try to push changes with it, to avoid too freq PPA updates), even if I build statically, I'll be too slow to openssl.
Beside I don't like idea, too build statically, and using custom openssl could scare security-aware users.
One of the main reasons I currently have to build nginx packages from source is that I want chacha20/poly1305 support, which requires a more recent or patched OpenSSL, such as this one. Any chance you could include that in your builds?