nginx.git/src/event, branch release-1.9.15 nginx Removed redundant "u" format specifier. 2016-04-08T12:03:38+00:00 Ruslan Ermilov ru@nginx.com 2016-04-08T12:03:38+00:00 37a3a2b2e8ef3202045e4095d894f806ed5e7654 It is implied for "x" and "X". 
It is implied for "x" and "X".
Fixed spelling. 2016-04-07T08:50:13+00:00 Josh Soref timeless@gmail.com 2016-04-07T08:50:13+00:00 73d27510c0d7022384a611269af22ff01634c6d0 






SSL: SSLeay_version() is deprecated in OpenSSL 1.1.0.
2016-03-31T20:38:38+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:38+00:00

2e251b1c342370b8b3365cf30eca2cf61d9ef559

SSLeay_version() and SSLeay() are no longer available if OPENSSL_API_COMPAT
is set to 0x10100000L.  Switched to using OpenSSL_version() instead.

Additionally, we now compare version strings instead of version numbers,
and this correctly works for LibreSSL as well.





SSLeay_version() and SSLeay() are no longer available if OPENSSL_API_COMPAT
is set to 0x10100000L.  Switched to using OpenSSL_version() instead.

Additionally, we now compare version strings instead of version numbers,
and this correctly works for LibreSSL as well.







SSL: X509 was made opaque in OpenSSL 1.1.0.
2016-03-31T20:38:37+00:00

Sergey Kandaurov
pluknet@nginx.com

2016-03-31T20:38:37+00:00

d8fbce1deb24a174f327786684f862cc39b5ac0a

To increment reference counters we now use newly introduced X509_up_ref()
function.





To increment reference counters we now use newly introduced X509_up_ref()
function.







SSL: EVP_MD_CTX was made opaque in OpenSSL 1.1.0.
2016-03-31T20:38:36+00:00

Sergey Kandaurov
pluknet@nginx.com

2016-03-31T20:38:36+00:00

66feb8c6f01a682e93f11e2c80c59bf425d70af9












SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
2016-03-31T20:38:34+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:34+00:00

8fc90404fb9c7ead8666a74519035e2b6a2333a7

OpenSSL removed support for all 40 and 56 bit ciphers.





OpenSSL removed support for all 40 and 56 bit ciphers.







SSL: initialization changes for OpenSSL 1.1.0.
2016-03-31T20:38:33+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:33+00:00

e6f04424affb4c16db9d9c65487ed47459abba7f

OPENSSL_config() deprecated in OpenSSL 1.1.0.  Additionally,
SSL_library_init(), SSL_load_error_strings() and OpenSSL_add_all_algorithms()
are no longer available if OPENSSL_API_COMPAT is set to 0x10100000L.

The OPENSSL_init_ssl() function is now used instead with appropriate
arguments to trigger the same behaviour.  The configure test changed to
use SSL_CTX_set_options().

Deinitialization now happens automatically in OPENSSL_cleanup() called
via atexit(3), so we no longer call EVP_cleanup() and ENGINE_cleanup()
directly.





OPENSSL_config() deprecated in OpenSSL 1.1.0.  Additionally,
SSL_library_init(), SSL_load_error_strings() and OpenSSL_add_all_algorithms()
are no longer available if OPENSSL_API_COMPAT is set to 0x10100000L.

The OPENSSL_init_ssl() function is now used instead with appropriate
arguments to trigger the same behaviour.  The configure test changed to
use SSL_CTX_set_options().

Deinitialization now happens automatically in OPENSSL_cleanup() called
via atexit(3), so we no longer call EVP_cleanup() and ENGINE_cleanup()
directly.







SSL: get_session callback changed in OpenSSL 1.1.0.
2016-03-31T20:38:32+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:32+00:00

93c2749fae7c9516c7dde73543df0ca93cba92b4












SSL: guarded error codes not present in OpenSSL 1.1.0.
2016-03-31T20:38:31+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:31+00:00

0e83d6ac40faefb291c837b4b8cd958914784b75












SSL: reasonable version for LibreSSL.
2016-03-31T20:38:29+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:29+00:00

bad99ee0047282fd5a8e5730d440a032eb2452ed

LibreSSL defines OPENSSL_VERSION_NUMBER to 0x20000000L, but uses an old
API derived from OpenSSL at the time LibreSSL forked.  As a result, every
version check we use to test for new API elements in newer OpenSSL versions
requires an explicit check for LibreSSL.

To reduce clutter, redefine OPENSSL_VERSION_NUMBER to 0x1000107fL if
LibreSSL is used.  The same is done by FreeBSD port of LibreSSL.





LibreSSL defines OPENSSL_VERSION_NUMBER to 0x20000000L, but uses an old
API derived from OpenSSL at the time LibreSSL forked.  As a result, every
version check we use to test for new API elements in newer OpenSSL versions
requires an explicit check for LibreSSL.

To reduce clutter, redefine OPENSSL_VERSION_NUMBER to 0x1000107fL if
LibreSSL is used.  The same is done by FreeBSD port of LibreSSL.