Mercurial > hg > nginx

--- a/src/event/ngx_event_openssl.c	Fri Dec 12 20:25:42 2014 +0300
+++ b/src/event/ngx_event_openssl.c	Wed Dec 17 15:12:50 2014 +0100
@@ -1146,11 +1146,15 @@
         c->recv_chain = ngx_ssl_recv_chain;
         c->send_chain = ngx_ssl_send_chain;

+#ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
+
         /* initial handshake done, disable renegotiation (CVE-2009-3555) */
         if (c->ssl->connection->s3) {
             c->ssl->connection->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
         }

+#endif
+
         return NGX_OK;
     }