From e61ba26744d404a83eba0bf560b6697c453e6705 Mon Sep 17 00:00:00 2001
From: Igor Sysoev <igor@sysoev.ru>
Date: Wed, 20 Jul 2011 12:59:24 +0000
Subject: MSIE export versions are rare now, so RSA 512 key is generated on
 demand and is shared among all hosts instead of pregenerating for every HTTPS
 host on configuraiton phase. This decreases start time for configuration with
 large number of HTTPS hosts.

---
 src/http/modules/ngx_http_ssl_module.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'src/http')

diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 1860050d3..52c9196ce 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -465,9 +465,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
     }
 
     /* a temporary 512-bit RSA key is required for export versions of MSIE */
-    if (ngx_ssl_generate_rsa512_key(&conf->ssl) != NGX_OK) {
-        return NGX_CONF_ERROR;
-    }
+    SSL_CTX_set_tmp_rsa_callback(conf->ssl.ctx, ngx_ssl_rsa512_key_callback);
 
     if (ngx_ssl_dhparam(cf, &conf->ssl, &conf->dhparam) != NGX_OK) {
         return NGX_CONF_ERROR;
-- 
cgit