[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function
piotr at cloudflare.com
Mon Jul 7 22:02:14 UTC 2014
> It's marked as deprecated in master branch, but not in the latest
> release. Try looking into the latest release docs, 1.0.1h -
> doc/crypto/RSA_generate_key.pod doesn't even mention
It's been deprecated before OpenSSL-0.9.8 release, see git history .
OpenSSL's documentation is terrible source of information and that's
not news - nginx itself is using a lot of undocumented functions,
especially in the OCSP stapling code.
> Sure, it can and likely will be helpful. In this particular case
> the replacement code seems to be too long though. For
> development needs, it will probably be enough to just return NULL
> if OPENSSL_NO_DEPRECATED is defined.
Sigh, I really don't think that the amount of code is really a problem
here... But if you're really unhappy with it, maybe let's just remove
the callback altogether? It's not like it's used with nginx's default
ciphers list and I'm not aware of anything since Windows NT 4.0 that
would require it.
More information about the nginx-devel