[PATCH] SSL: avoid SSL_CTX_set_tmp_rsa_callback() call with LibreSSL
Maxim Dounin
mdounin at mdounin.ru
Fri Jun 19 18:40:17 UTC 2015
Hello!
On Thu, Jun 18, 2015 at 03:39:31AM -0700, Piotr Sikora wrote:
> # HG changeset patch
> # User Piotr Sikora <piotr at cloudflare.com>
> # Date 1434623801 25200
> # Thu Jun 18 03:36:41 2015 -0700
> # Node ID e0d2520ed65517b581f2565160a89ba93f4f3630
> # Parent c3ec43580a48114dfd28186f43e773fcfe211337
> SSL: avoid SSL_CTX_set_tmp_rsa_callback() call with LibreSSL.
>
> Signed-off-by: Piotr Sikora <piotr at cloudflare.com>
>
> diff -r c3ec43580a48 -r e0d2520ed655 src/stream/ngx_stream_ssl_module.c
> --- a/src/stream/ngx_stream_ssl_module.c Wed Jun 17 17:57:34 2015 +0300
> +++ b/src/stream/ngx_stream_ssl_module.c Thu Jun 18 03:36:41 2015 -0700
> @@ -276,7 +276,9 @@ ngx_stream_ssl_merge_conf(ngx_conf_t *cf
> SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
> }
>
> +#ifndef LIBRESSL_VERSION_NUMBER
> SSL_CTX_set_tmp_rsa_callback(conf->ssl.ctx, ngx_ssl_rsa512_key_callback);
> +#endif
>
> if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) {
> return NGX_CONF_ERROR;
Committed with a minor change to commit log, thanks!
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list