Mercurial > hg > nginx

changeset 9323:8ebb4e488aa4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: removed OPENSSL_NO_SHA256 support. In OpenSSL itself, support for builds without SHA256 was removed in OpenSSL 1.1.0 and was already broken at that time (see https://github.com/openssl/openssl/commit/474e469bbd for details). In BoringSSL, support for OPENSSL_NO_SHA256 was removed in 2014. In LibreSSL as of 3.9.2, some support it still present, but broken.
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 31 Aug 2024 00:30:39 +0300
parents d6f75dd66761
children 03cdd806c0f2
files src/event/ngx_event_openssl.c
diffstat 1 files changed, 0 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -4553,11 +4553,7 @@ ngx_ssl_ticket_key_callback(ngx_ssl_conn
         return -1;
     }
 
-#ifdef OPENSSL_NO_SHA256
-    digest = EVP_sha1();
-#else
     digest = EVP_sha256();
-#endif
 
     keys = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_ticket_keys_index);
     if (keys == NULL) {