Mercurial > hg > nginx

comparison src/mail/ngx_mail_ssl_module.c @ 5387:0fbcfab0bfd7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: stop loading configs with invalid "ssl_ciphers" values. While there, remove unnecessary check in ngx_mail_ssl_module. Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
author Piotr Sikora <piotr@cloudflare.com>
date Sun, 22 Sep 2013 22:36:11 -0700
parents 23a186e8ca45
children 09fc4598fc8e
comparison
equal deleted inserted replaced
5386:2d947c2e3ea1 5387:0fbcfab0bfd7
285 != NGX_OK) 285 != NGX_OK)
286 { 286 {
287 return NGX_CONF_ERROR; 287 return NGX_CONF_ERROR;
288 } 288 }
289 289
290 if (conf->ciphers.len) { 290 if (SSL_CTX_set_cipher_list(conf->ssl.ctx,
291 if (SSL_CTX_set_cipher_list(conf->ssl.ctx, 291 (const char *) conf->ciphers.data)
292 (const char *) conf->ciphers.data) 292 == 0)
293 == 0) 293 {
294 { 294 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
295 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, 295 "SSL_CTX_set_cipher_list(\"%V\") failed",
296 "SSL_CTX_set_cipher_list(\"%V\") failed", 296 &conf->ciphers);
297 &conf->ciphers); 297 return NGX_CONF_ERROR;
298 }
299 } 298 }
300 299
301 if (conf->prefer_server_ciphers) { 300 if (conf->prefer_server_ciphers) {
302 SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); 301 SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
303 } 302 }