OCSP stapling: open ssl_stapling_file in binary-mode.
OCSP response uses the DER format and as such needs to be opened in binary-mode.
This only has any effect under Win32.
diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
index 0bea5e7..7d0a170 100644
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@@ -227,7 +227,7 @@
return NGX_ERROR;
}
- bio = BIO_new_file((char *) file->data, "r");
+ bio = BIO_new_file((char *) file->data, "rb");
if (bio == NULL) {
ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
"BIO_new_file(\"%s\") failed", file->data);