Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.c @ 6489:c256dfdd469d
SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
OpenSSL removed support for all 40 and 56 bit ciphers.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 31 Mar 2016 23:38:34 +0300 |
| parents | 3ef7bb882ad4 |
| children | 51e1f047d15d |
comparison
equal
deleted
inserted
replaced
| 6488:a57b2b8999e7 | 6489:c256dfdd469d |
|---|---|
| 716 | 716 |
| 717 if (conf->prefer_server_ciphers) { | 717 if (conf->prefer_server_ciphers) { |
| 718 SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); | 718 SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); |
| 719 } | 719 } |
| 720 | 720 |
| 721 #ifndef LIBRESSL_VERSION_NUMBER | 721 #if (OPENSSL_VERSION_NUMBER < 0x10100001L && !defined LIBRESSL_VERSION_NUMBER) |
| 722 /* a temporary 512-bit RSA key is required for export versions of MSIE */ | 722 /* a temporary 512-bit RSA key is required for export versions of MSIE */ |
| 723 SSL_CTX_set_tmp_rsa_callback(conf->ssl.ctx, ngx_ssl_rsa512_key_callback); | 723 SSL_CTX_set_tmp_rsa_callback(conf->ssl.ctx, ngx_ssl_rsa512_key_callback); |
| 724 #endif | 724 #endif |
| 725 | 725 |
| 726 if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) { | 726 if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) { |