[PATCH] Configure: remove redundant NGX_OPENSSL

Piotr Sikora piotrsikora at google.com
Mon Oct 26 21:45:28 UTC 2015

Hey Maxim,

> The NGX_SSL and NGX_OPENSSL macros are distinct as a result of an
> attempt to allow using different SSL libraries by introducing an
> abstraction ngx_ssl_* layer.  I don't think removing this
> distinction is a good idea.

They aren't distinct in the current implementation:
- both are defined at the same time in autotools and there is no way
to get one defined, but not the other,
- source code requires you to have either none or both defined,
otherwise build fails,
- call to abstract ngx_ssl_init() is guarded by NGX_OPENSSL, but it
should be guarded by NGX_SSL,
- OpenSSL is the only ngx_ssl_* implementation.

So, unless there are immediate plans for adding support to other SSL
libraries, I think that they are redundant and NGX_OPENSSL should be

In any case, at least the NGX_OPENSSL around ngx_ssl_init() should be
replaced with NGX_SSL.

Best regards,
Piotr Sikora

More information about the nginx-devel mailing list