mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-12 13:42:55 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

SSL: removed OpenSSL 0.9.7 compatibility.

Browse Source
This commit is contained in:
Sergey Kandaurov 2016-04-11 15:46:36 +03:00
parent 2015a54821
commit c17bc31d41
4 changed files with 6 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
src/event/ngx_event_openssl.c
View File

@ -164,7 +164,6 @@ ngx_ssl_init(ngx_log_t *log)
#endif #endif
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef SSL_OP_NO_COMPRESSION #ifndef SSL_OP_NO_COMPRESSION
{ {
/* /*
@ -181,7 +180,6 @@ ngx_ssl_init(ngx_log_t *log)
(void) sk_SSL_COMP_pop(ssl_comp_methods); (void) sk_SSL_COMP_pop(ssl_comp_methods);
} }
} }
#endif
#endif #endif
ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
@ -904,13 +902,6 @@ ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
return NGX_ERROR; return NGX_ERROR;
} }
/*
* before 0.9.7h and 0.9.8 SSL_load_client_CA_file()
* always leaved an error in the error queue
*/
ERR_clear_error();
SSL_CTX_set_client_CA_list(ssl->ctx, list); SSL_CTX_set_client_CA_list(ssl->ctx, list);
return NGX_OK; return NGX_OK;
@ -1076,8 +1067,8 @@ ngx_ssl_info_callback(const ngx_ssl_conn_t *ssl_conn, int where, int ret)
* added to wbio, and set buffer size. * added to wbio, and set buffer size.
*/ */
rbio = SSL_get_rbio((ngx_ssl_conn_t *) ssl_conn); rbio = SSL_get_rbio(ssl_conn);
wbio = SSL_get_wbio((ngx_ssl_conn_t *) ssl_conn); wbio = SSL_get_wbio(ssl_conn);
if (rbio != wbio) { if (rbio != wbio) {
(void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE); (void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE);
@ -1360,7 +1351,6 @@ ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file)
ngx_int_t ngx_int_t
ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name) ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH #ifndef OPENSSL_NO_ECDH
/* /*
@ -1434,7 +1424,6 @@ ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name)
EC_KEY_free(ecdh); EC_KEY_free(ecdh);
#endif #endif
#endif
#endif #endif
return NGX_OK; return NGX_OK;
@ -3364,17 +3353,8 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess)
} }
} }
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length); session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length);
#else
session_id = sess->session_id;
session_id_length = sess->session_id_length;
#endif
#if (NGX_PTR_SIZE == 8) #if (NGX_PTR_SIZE == 8)
id = sess_id->sess_id; id = sess_id->sess_id;
@ -3450,13 +3430,10 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
#endif #endif
u_char *id, int len, int *copy) u_char *id, int len, int *copy)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
const
#endif
u_char *p;
size_t slen; size_t slen;
uint32_t hash; uint32_t hash;
ngx_int_t rc; ngx_int_t rc;
const u_char *p;
ngx_shm_zone_t *shm_zone; ngx_shm_zone_t *shm_zone;
ngx_slab_pool_t *shpool; ngx_slab_pool_t *shpool;
ngx_rbtree_node_t *node, *sentinel; ngx_rbtree_node_t *node, *sentinel;
@ -3578,17 +3555,8 @@ ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess)
cache = shm_zone->data; cache = shm_zone->data;
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
id = (u_char *) SSL_SESSION_get_id(sess, &len); id = (u_char *) SSL_SESSION_get_id(sess, &len);
#else
id = sess->session_id;
len = sess->session_id_length;
#endif
hash = ngx_crc32_short(id, len); hash = ngx_crc32_short(id, len);
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0,
@ -4387,17 +4355,8 @@ ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
return NGX_OK; return NGX_OK;
} }
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
buf = (u_char *) SSL_SESSION_get_id(sess, &len); buf = (u_char *) SSL_SESSION_get_id(sess, &len);
#else
buf = sess->session_id;
len = sess->session_id_length;
#endif
s->len = 2 * len; s->len = 2 * len;
s->data = ngx_pnalloc(pool, 2 * len); s->data = ngx_pnalloc(pool, 2 * len);
if (s->data == NULL) { if (s->data == NULL) {

5
src/event/ngx_event_openssl_stapling.c
View File

@ -589,15 +589,12 @@ ngx_ssl_stapling_update(ngx_ssl_stapling_t *staple)
static void static void
ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx) ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
const
#endif
u_char *p;
int n; int n;
size_t len; size_t len;
time_t now, valid; time_t now, valid;
ngx_str_t response; ngx_str_t response;
X509_STORE *store; X509_STORE *store;
const u_char *p;
STACK_OF(X509) *chain; STACK_OF(X509) *chain;
OCSP_CERTID *id; OCSP_CERTID *id;
OCSP_RESPONSE *ocsp; OCSP_RESPONSE *ocsp;

5
src/http/ngx_http_upstream_round_robin.c
View File

@ -669,10 +669,7 @@ ngx_http_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
ngx_http_upstream_rr_peer_t *peer; ngx_http_upstream_rr_peer_t *peer;
#if (NGX_HTTP_UPSTREAM_ZONE) #if (NGX_HTTP_UPSTREAM_ZONE)
int len; int len;
#if OPENSSL_VERSION_NUMBER >= 0x0090707fL const u_char *p;
const
#endif
u_char *p;
ngx_http_upstream_rr_peers_t *peers; ngx_http_upstream_rr_peers_t *peers;
u_char buf[NGX_SSL_MAX_SESSION_SIZE]; u_char buf[NGX_SSL_MAX_SESSION_SIZE];
#endif #endif

5
src/stream/ngx_stream_upstream_round_robin.c
View File

@ -701,10 +701,7 @@ ngx_stream_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
ngx_stream_upstream_rr_peer_t *peer; ngx_stream_upstream_rr_peer_t *peer;
#if (NGX_STREAM_UPSTREAM_ZONE) #if (NGX_STREAM_UPSTREAM_ZONE)
int len; int len;
#if OPENSSL_VERSION_NUMBER >= 0x0090707fL const u_char *p;
const
#endif
u_char *p;
ngx_stream_upstream_rr_peers_t *peers; ngx_stream_upstream_rr_peers_t *peers;
u_char buf[NGX_SSL_MAX_SESSION_SIZE]; u_char buf[NGX_SSL_MAX_SESSION_SIZE];
#endif #endif