Mercurial > hg > nginx

changeset 7901:dda421871bc2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: removed use of the SSL_OP_MSIE_SSLV2_RSA_PADDING option. It has no effect since OpenSSL 0.9.7h and 0.9.8a.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 10 Aug 2021 23:43:17 +0300
parents 509b663a789c
children 67c68cd973b8
files src/event/ngx_event_openssl.c
diffstat 1 files changed, 0 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -299,11 +299,6 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_
     SSL_CTX_set_options(ssl->ctx, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER);
 #endif
 
-#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
-    /* this option allow a potential SSL 2.0 rollback (CAN-2005-2969) */
-    SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING);
-#endif
-
 #ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
     SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG);
 #endif