summaryrefslogtreecommitdiffstats
path: root/unit-syspol.patch
diff options
context:
space:
mode:
Diffstat (limited to 'unit-syspol.patch')
-rw-r--r--unit-syspol.patch32
1 files changed, 0 insertions, 32 deletions
diff --git a/unit-syspol.patch b/unit-syspol.patch
deleted file mode 100644
index 1ab0ddf..0000000
--- a/unit-syspol.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-diff -up ./src/nxt_openssl.c.syspol ./src/nxt_openssl.c
---- ./src/nxt_openssl.c.syspol 2021-08-19 16:52:54.000000000 +0200
-+++ ./src/nxt_openssl.c 2021-08-24 07:43:45.844605992 +0200
-@@ -278,7 +278,7 @@ nxt_openssl_server_init(nxt_task_t *task
- nxt_tls_init_t *tls_init, nxt_bool_t last)
- {
- SSL_CTX *ctx;
-- const char *ciphers, *ca_certificate;
-+ const char *ca_certificate;
- nxt_tls_conf_t *conf;
- STACK_OF(X509_NAME) *list;
- nxt_tls_bundle_conf_t *bundle;
-@@ -339,13 +339,13 @@ nxt_openssl_server_init(nxt_task_t *task
- }
- */
-
-- ciphers = (conf->ciphers != NULL) ? conf->ciphers : "HIGH:!aNULL:!MD5";
--
-- if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) {
-- nxt_openssl_log_error(task, NXT_LOG_ALERT,
-+ if (conf->ciphers) { /* else use system crypto policy */
-+ if (SSL_CTX_set_cipher_list(ctx, conf->ciphers) == 0) {
-+ nxt_openssl_log_error(task, NXT_LOG_ALERT,
- "SSL_CTX_set_cipher_list(\"%s\") failed",
-- ciphers);
-- goto fail;
-+ conf->ciphers);
-+ goto fail;
-+ }
- }
-
- #if (NXT_HAVE_OPENSSL_CONF_CMD)