Mercurial > hg > nginx
changeset 7509:b99cbafd51da
SSL: removed OpenSSL 0.9.7 compatibility.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 11 Apr 2016 15:46:36 +0300 |
parents | c30a20e06c21 |
children | 054c1c46395c |
files | src/event/ngx_event_openssl.c src/event/ngx_event_openssl_stapling.c src/http/ngx_http_upstream_round_robin.c src/stream/ngx_stream_upstream_round_robin.c |
diffstat | 4 files changed, 6 insertions(+), 56 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c Mon May 13 22:44:49 2019 +0300 +++ b/src/event/ngx_event_openssl.c Mon Apr 11 15:46:36 2016 +0300 @@ -164,7 +164,6 @@ #endif -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef SSL_OP_NO_COMPRESSION { /* @@ -182,7 +181,6 @@ } } #endif -#endif ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); @@ -904,13 +902,6 @@ return NGX_ERROR; } - /* - * before 0.9.7h and 0.9.8 SSL_load_client_CA_file() - * always leaved an error in the error queue - */ - - ERR_clear_error(); - SSL_CTX_set_client_CA_list(ssl->ctx, list); return NGX_OK; @@ -1076,8 +1067,8 @@ * added to wbio, and set buffer size. */ - rbio = SSL_get_rbio((ngx_ssl_conn_t *) ssl_conn); - wbio = SSL_get_wbio((ngx_ssl_conn_t *) ssl_conn); + rbio = SSL_get_rbio(ssl_conn); + wbio = SSL_get_wbio(ssl_conn); if (rbio != wbio) { (void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE); @@ -1360,7 +1351,6 @@ ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name) { -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef OPENSSL_NO_ECDH /* @@ -1435,7 +1425,6 @@ EC_KEY_free(ecdh); #endif #endif -#endif return NGX_OK; } @@ -3364,17 +3353,8 @@ } } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length); -#else - - session_id = sess->session_id; - session_id_length = sess->session_id_length; - -#endif - #if (NGX_PTR_SIZE == 8) id = sess_id->sess_id; @@ -3450,13 +3430,10 @@ #endif u_char *id, int len, int *copy) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; size_t slen; uint32_t hash; ngx_int_t rc; + const u_char *p; ngx_shm_zone_t *shm_zone; ngx_slab_pool_t *shpool; ngx_rbtree_node_t *node, *sentinel; @@ -3578,17 +3555,8 @@ cache = shm_zone->data; -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - id = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - id = sess->session_id; - len = sess->session_id_length; - -#endif - hash = ngx_crc32_short(id, len); ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, @@ -4387,17 +4355,8 @@ return NGX_OK; } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - buf = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - buf = sess->session_id; - len = sess->session_id_length; - -#endif - s->len = 2 * len; s->data = ngx_pnalloc(pool, 2 * len); if (s->data == NULL) {
--- a/src/event/ngx_event_openssl_stapling.c Mon May 13 22:44:49 2019 +0300 +++ b/src/event/ngx_event_openssl_stapling.c Mon Apr 11 15:46:36 2016 +0300 @@ -589,15 +589,12 @@ static void ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; int n; size_t len; time_t now, valid; ngx_str_t response; X509_STORE *store; + const u_char *p; STACK_OF(X509) *chain; OCSP_CERTID *id; OCSP_RESPONSE *ocsp;
--- a/src/http/ngx_http_upstream_round_robin.c Mon May 13 22:44:49 2019 +0300 +++ b/src/http/ngx_http_upstream_round_robin.c Mon Apr 11 15:46:36 2016 +0300 @@ -669,10 +669,7 @@ ngx_http_upstream_rr_peer_t *peer; #if (NGX_HTTP_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_http_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif
--- a/src/stream/ngx_stream_upstream_round_robin.c Mon May 13 22:44:49 2019 +0300 +++ b/src/stream/ngx_stream_upstream_round_robin.c Mon Apr 11 15:46:36 2016 +0300 @@ -701,10 +701,7 @@ ngx_stream_upstream_rr_peer_t *peer; #if (NGX_STREAM_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_stream_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif