nginx.git/src/mail, branch release-1.11.3 nginx Fixed build on MSVC. 2016-06-20T12:11:50+00:00 Roman Arutyunyan arut@nginx.com 2016-06-20T12:11:50+00:00 9810fd06cb3358dbc880ccfcb30a49e693623d0c 






Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
2016-06-20T08:50:39+00:00

Roman Arutyunyan
arut@nginx.com

2016-06-20T08:50:39+00:00

5b201ac31f968d13f1165e7f29967e5826ccb9a1












SSL: ngx_ssl_ciphers() to set list of ciphers.
2016-06-15T20:05:30+00:00

Tim Taubert
tim@timtaubert.de

2016-06-15T20:05:30+00:00

4f578bfcab740fcfbbb8824822803ad9b3f176cc

This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.





This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.







Renamed "u" to "sockaddr" in listen options types.
2016-05-23T13:37:28+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-05-23T13:37:28+00:00

5b267a55bc27f35f38d6d04d2f6284ed4d6156c0












Introduced the ngx_sockaddr_t type.
2016-05-23T13:37:20+00:00

Ruslan Ermilov
ru@nginx.com

2016-05-23T13:37:20+00:00

fd064d3b88e59ee71aec508687403539b01d643c

It's properly aligned and can hold any supported sockaddr.





It's properly aligned and can hold any supported sockaddr.







Use ngx_cmp_sockaddr() where appropriate.
2016-05-20T16:10:42+00:00

Ruslan Ermilov
ru@nginx.com

2016-05-20T16:10:42+00:00

48a16463fa41e508810a6914a126cfce87273cc8












SSL: support for multiple curves (ticket #885).
2016-05-19T11:46:32+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-05-19T11:46:32+00:00

3b7dca4bb5b0938addd48dd5261a0b61d849f8f3

OpenSSL 1.0.2+ allows configuring a curve list instead of a single curve
previously supported.  This allows use of different curves depending on
what client supports (as available via the elliptic_curves extension),
and also allows use of different curves in an ECDHE key exchange and
in the ECDSA certificate.

The special value "auto" was introduced (now the default for ssl_ecdh_curve),
which means "use an internal list of curves as available in the OpenSSL
library used".  For versions prior to OpenSSL 1.0.2 it maps to "prime256v1"
as previously used.  The default in 1.0.2b+ prefers prime256v1 as well
(and X25519 in OpenSSL 1.1.0+).

As client vs. server preference of curves is controlled by the
same option as used for ciphers (SSL_OP_CIPHER_SERVER_PREFERENCE),
the ssl_prefer_server_ciphers directive now controls both.





OpenSSL 1.0.2+ allows configuring a curve list instead of a single curve
previously supported.  This allows use of different curves depending on
what client supports (as available via the elliptic_curves extension),
and also allows use of different curves in an ECDHE key exchange and
in the ECDSA certificate.

The special value "auto" was introduced (now the default for ssl_ecdh_curve),
which means "use an internal list of curves as available in the OpenSSL
library used".  For versions prior to OpenSSL 1.0.2 it maps to "prime256v1"
as previously used.  The default in 1.0.2b+ prefers prime256v1 as well
(and X25519 in OpenSSL 1.1.0+).

As client vs. server preference of curves is controlled by the
same option as used for ciphers (SSL_OP_CIPHER_SERVER_PREFERENCE),
the ssl_prefer_server_ciphers directive now controls both.







SSL: support for multiple certificates (ticket #814).
2016-05-19T11:46:32+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-05-19T11:46:32+00:00

cf126b98b30847a453c6f62e0717867cb05098b0












SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
2016-03-31T20:38:34+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-03-31T20:38:34+00:00

8fc90404fb9c7ead8666a74519035e2b6a2333a7

OpenSSL removed support for all 40 and 56 bit ciphers.





OpenSSL removed support for all 40 and 56 bit ciphers.







Fixed logging.
2016-03-30T23:33:57+00:00

Sergey Kandaurov
pluknet@nginx.com

2016-03-30T23:33:57+00:00

00ef9ff5f03ce7e98ba64c3644da25e5a0d659fc