[PATCH] Configure: remove redundant NGX_OPENSSL
Maxim Dounin
mdounin at mdounin.ru
Tue Oct 27 01:40:58 UTC 2015
Hello!
On Mon, Oct 26, 2015 at 02:45:28PM -0700, Piotr Sikora wrote:
> Hey Maxim,
>
> > The NGX_SSL and NGX_OPENSSL macros are distinct as a result of an
> > attempt to allow using different SSL libraries by introducing an
> > abstraction ngx_ssl_* layer. I don't think removing this
> > distinction is a good idea.
>
> They aren't distinct in the current implementation:
> - both are defined at the same time in autotools and there is no way
> to get one defined, but not the other,
> - source code requires you to have either none or both defined,
> otherwise build fails,
> - call to abstract ngx_ssl_init() is guarded by NGX_OPENSSL, but it
> should be guarded by NGX_SSL,
> - OpenSSL is the only ngx_ssl_* implementation.
Both are defined at the same time now, as the only SSL library
supported is OpenSSL. They are still distinct on semantic level
though.
> So, unless there are immediate plans for adding support to other SSL
> libraries, I think that they are redundant and NGX_OPENSSL should be
> removed.
There are no immediate plans to add support for other SSL
libraries, as well as no plans to remove the bits we
already have.
> In any case, at least the NGX_OPENSSL around ngx_ssl_init() should be
> replaced with NGX_SSL.
If you want to improve ngx_ssl_* abstraction layer there are lots
of places to work on.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list