[PATCH] SSL: DH was made opaque in OpenSSL 1.1.0
Maxim Dounin
mdounin at mdounin.ru
Wed May 11 14:10:20 UTC 2016
Hello!
On Wed, May 11, 2016 at 02:37:57PM +0100, Alessandro Ghedini wrote:
> On Wed, May 11, 2016 at 03:40:37PM +0300, Maxim Dounin wrote:
> > Hello!
> >
> > On Wed, May 11, 2016 at 01:24:44PM +0100, Alessandro Ghedini wrote:
> >
> > > # HG changeset patch
> > > # User Alessandro Ghedini <alessandro at cloudflare.com>
> > > # Date 1462967148 -3600
> > > # Wed May 11 12:45:48 2016 +0100
> > > # Node ID f3413937fddaaca954090e26cf92b49fdf2f9722
> > > # Parent 2f98b5709d7965e7c97cb74b8380014179c7bf0d
> > > SSL: DH was made opaque in OpenSSL 1.1.0
> > >
> > > DH_set0_pqg() was introduced to initialize the DH parameters.
> >
> > No, thanks.
> > See https://trac.nginx.org/nginx/ticket/860#comment:8 for details.
>
> Ok, thanks. Agree that DH should be removed, any ETA on that? I'm just trying
> to make ngx_lua build with OpenSSL master (but I can just patch NGINX locally
> for now).
A patch series which, in particular, removes compiled-in DH
parameters, is currently under review. It's expected to be
committed in a week or so.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list