diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2021-08-10 23:43:17 +0300 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2021-08-10 23:43:17 +0300 |
| commit | 926e0aa70acd58d2a13451f40fc19aeb5393aa7e (patch) | |
| tree | 547c8babaffa328c45a1229b1069c24e542703af | |
| parent | 9e4e7a4e4202b5b61b785998e143c6ae0a39883c (diff) | |
| download | nginx-926e0aa70acd58d2a13451f40fc19aeb5393aa7e.tar.gz | |
SSL: removed use of the SSL_OP_MSIE_SSLV2_RSA_PADDING option.
It has no effect since OpenSSL 0.9.7h and 0.9.8a.
| -rw-r--r-- | src/event/ngx_event_openssl.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 3705f5eaf..c087884ce 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -299,11 +299,6 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data) SSL_CTX_set_options(ssl->ctx, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER); #endif -#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING - /* this option allow a potential SSL 2.0 rollback (CAN-2005-2969) */ - SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING); -#endif - #ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG); #endif |