nginx.git - nginx

Age	Commit message (Collapse)	Author	Files	Lines
2016-06-29	Stream: SSL-related variables.	Vladimir Homutov	1	-1/+114

2016-06-15	Stream: added preconfiguration step.	Vladimir Homutov	1	-0/+1

2016-06-15	SSL: ngx_ssl_ciphers() to set list of ciphers.	Tim Taubert	1	-14/+3
	This patch moves various OpenSSL-specific function calls into the OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more crypto-library-agnostic.
2016-05-19	SSL: support for multiple curves (ticket #885).	Maxim Dounin	1	-1/+1
	OpenSSL 1.0.2+ allows configuring a curve list instead of a single curve previously supported. This allows use of different curves depending on what client supports (as available via the elliptic_curves extension), and also allows use of different curves in an ECDHE key exchange and in the ECDSA certificate. The special value "auto" was introduced (now the default for ssl_ecdh_curve), which means "use an internal list of curves as available in the OpenSSL library used". For versions prior to OpenSSL 1.0.2 it maps to "prime256v1" as previously used. The default in 1.0.2b+ prefers prime256v1 as well (and X25519 in OpenSSL 1.1.0+). As client vs. server preference of curves is controlled by the same option as used for ciphers (SSL_OP_CIPHER_SERVER_PREFERENCE), the ssl_prefer_server_ciphers directive now controls both.
2016-05-19	SSL: support for multiple certificates (ticket #814).	Maxim Dounin	1	-13/+17

2016-03-31	SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.	Maxim Dounin	1	-1/+1
	OpenSSL removed support for all 40 and 56 bit ciphers.
2015-06-18	Stream: avoid SSL_CTX_set_tmp_rsa_callback() call with LibreSSL.	Piotr Sikora	1	-0/+2
	Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2015-06-09	Stream: added postconfiguration method to stream modules.	Vladimir Homutov	1	-0/+2

2015-05-25	Disabled SSLv3 by default (ticket #653).	Maxim Dounin	1	-1/+1

2015-04-20	Stream: port from NGINX+.	Ruslan Ermilov	1	-0/+456