Mercurial > hg > nginx

diff src/http/modules/ngx_http_proxy_module.c @ 4400:a0505851e70c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive. Support for TLSv1.1 and TLSv1.2 protocols was introduced in OpenSSL 1.0.1 (-beta1 was recently released). This change makes it possible to disable these protocols and/or enable them without other protocols.
author Maxim Dounin <mdounin@mdounin.ru>
date Wed, 11 Jan 2012 11:15:00 +0000
parents 3d51ba7f347b
children d45742815c90
line wrap: on
line diff
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -3598,7 +3598,9 @@ ngx_http_proxy_set_ssl(ngx_conf_t *cf, n
     plcf->upstream.ssl->log = cf->log;
 
     if (ngx_ssl_create(plcf->upstream.ssl,
-                       NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1, NULL)
+                       NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+                                    |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2,
+                       NULL)
         != NGX_OK)
     {
         return NGX_ERROR;