[nginx] SSL: removed OPENSSL_NO_SHA256 support.
Maxim Dounin
mdounin at mdounin.ru
Sat Aug 31 00:54:18 UTC 2024
details: http://freenginx.org/hg/nginx/rev/8ebb4e488aa4
branches:
changeset: 9323:8ebb4e488aa4
user: Maxim Dounin <mdounin at mdounin.ru>
date: Sat Aug 31 00:30:39 2024 +0300
description:
SSL: removed OPENSSL_NO_SHA256 support.
In OpenSSL itself, support for builds without SHA256 was removed in
OpenSSL 1.1.0 and was already broken at that time (see
https://github.com/openssl/openssl/commit/474e469bbd for details).
In BoringSSL, support for OPENSSL_NO_SHA256 was removed in 2014.
In LibreSSL as of 3.9.2, some support it still present, but broken.
diffstat:
src/event/ngx_event_openssl.c | 4 ----
1 files changed, 0 insertions(+), 4 deletions(-)
diffs (15 lines):
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -4553,11 +4553,7 @@ ngx_ssl_ticket_key_callback(ngx_ssl_conn
return -1;
}
-#ifdef OPENSSL_NO_SHA256
- digest = EVP_sha1();
-#else
digest = EVP_sha256();
-#endif
keys = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_ticket_keys_index);
if (keys == NULL) {
More information about the nginx-devel
mailing list