mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-12 21:52:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

SSL: stop loading configs with invalid "ssl_ciphers" values.

Browse Source 
While there, remove unnecessary check in ngx_mail_ssl_module.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
This commit is contained in:
Piotr Sikora 2013-09-22 22:36:11 -07:00
parent 35e2bb0efb
commit f52a2c7585
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/http/modules/ngx_http_ssl_module.c
View File

@ -561,6 +561,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
"SSL_CTX_set_cipher_list(\"%V\") failed", "SSL_CTX_set_cipher_list(\"%V\") failed",
&conf->ciphers); &conf->ciphers);
return NGX_CONF_ERROR;
} }
if (conf->verify) { if (conf->verify) {

17
src/mail/ngx_mail_ssl_module.c
View File

@ -287,15 +287,14 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
return NGX_CONF_ERROR; return NGX_CONF_ERROR;
} }
if (conf->ciphers.len) { if (SSL_CTX_set_cipher_list(conf->ssl.ctx,
if (SSL_CTX_set_cipher_list(conf->ssl.ctx, (const char *) conf->ciphers.data)
(const char *) conf->ciphers.data) == 0)
== 0) {
{ ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_set_cipher_list(\"%V\") failed",
"SSL_CTX_set_cipher_list(\"%V\") failed", &conf->ciphers);
&conf->ciphers); return NGX_CONF_ERROR;
}
} }
if (conf->prefer_server_ciphers) { if (conf->prefer_server_ciphers) {