diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2021-08-10 23:43:17 +0300 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2021-08-10 23:43:17 +0300 |
| commit | 9e4e7a4e4202b5b61b785998e143c6ae0a39883c (patch) | |
| tree | 20830bf04da526743c829330257697fdecd379c7 /src/event/ngx_event_openssl.h | |
| parent | 5155845ce4453a07d60e2ce43946c9181bc311fa (diff) | |
| download | nginx-9e4e7a4e4202b5b61b785998e143c6ae0a39883c.tar.gz nginx-9e4e7a4e4202b5b61b785998e143c6ae0a39883c.tar.bz2 | |
SSL: removed export ciphers support.
Export ciphers are forbidden to negotiate in TLS 1.1 and later protocol modes.
They are disabled since OpenSSL 1.0.2g by default unless explicitly configured
with "enable-weak-ssl-ciphers", and completely removed in OpenSSL 1.1.0.
Diffstat (limited to 'src/event/ngx_event_openssl.h')
| -rw-r--r-- | src/event/ngx_event_openssl.h | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h index 81b87d7cb..68e970b89 100644 --- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -29,7 +29,6 @@ #include <openssl/ocsp.h> #endif #include <openssl/rand.h> -#include <openssl/rsa.h> #include <openssl/x509.h> #include <openssl/x509v3.h> @@ -208,10 +207,6 @@ ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data); -#if (OPENSSL_VERSION_NUMBER < 0x10100001L && !defined LIBRESSL_VERSION_NUMBER) -RSA *ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export, - int key_length); -#endif ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, ngx_array_t *passwords); |