Mercurial > hg > nginx
changeset 9323:8ebb4e488aa4
SSL: removed OPENSSL_NO_SHA256 support.
In OpenSSL itself, support for builds without SHA256 was removed in
OpenSSL 1.1.0 and was already broken at that time (see
https://github.com/openssl/openssl/commit/474e469bbd for details).
In BoringSSL, support for OPENSSL_NO_SHA256 was removed in 2014.
In LibreSSL as of 3.9.2, some support it still present, but broken.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 31 Aug 2024 00:30:39 +0300 |
parents | d6f75dd66761 |
children | 03cdd806c0f2 |
files | src/event/ngx_event_openssl.c |
diffstat | 1 files changed, 0 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c Sun Aug 25 06:35:40 2024 +0300 +++ b/src/event/ngx_event_openssl.c Sat Aug 31 00:30:39 2024 +0300 @@ -4553,11 +4553,7 @@ return -1; } -#ifdef OPENSSL_NO_SHA256 - digest = EVP_sha1(); -#else digest = EVP_sha256(); -#endif keys = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_ticket_keys_index); if (keys == NULL) {