[PATCH] Configure: remove redundant NGX_OPENSSL

Maxim Dounin mdounin at mdounin.ru
Tue Oct 27 01:40:58 UTC 2015


On Mon, Oct 26, 2015 at 02:45:28PM -0700, Piotr Sikora wrote:

> Hey Maxim,
> > The NGX_SSL and NGX_OPENSSL macros are distinct as a result of an
> > attempt to allow using different SSL libraries by introducing an
> > abstraction ngx_ssl_* layer.  I don't think removing this
> > distinction is a good idea.
> They aren't distinct in the current implementation:
> - both are defined at the same time in autotools and there is no way
> to get one defined, but not the other,
> - source code requires you to have either none or both defined,
> otherwise build fails,
> - call to abstract ngx_ssl_init() is guarded by NGX_OPENSSL, but it
> should be guarded by NGX_SSL,
> - OpenSSL is the only ngx_ssl_* implementation.

Both are defined at the same time now, as the only SSL library 
supported is OpenSSL.  They are still distinct on semantic level 

> So, unless there are immediate plans for adding support to other SSL
> libraries, I think that they are redundant and NGX_OPENSSL should be
> removed.

There are no immediate plans to add support for other SSL 
libraries, as well as no plans to remove the bits we 
already have.

> In any case, at least the NGX_OPENSSL around ngx_ssl_init() should be
> replaced with NGX_SSL.

If you want to improve ngx_ssl_* abstraction layer there are lots 
of places to work on.

Maxim Dounin

More information about the nginx-devel mailing list