diff options
Diffstat (limited to 'unit-syspol.patch')
-rw-r--r-- | unit-syspol.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/unit-syspol.patch b/unit-syspol.patch deleted file mode 100644 index 1ab0ddf..0000000 --- a/unit-syspol.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff -up ./src/nxt_openssl.c.syspol ./src/nxt_openssl.c ---- ./src/nxt_openssl.c.syspol 2021-08-19 16:52:54.000000000 +0200 -+++ ./src/nxt_openssl.c 2021-08-24 07:43:45.844605992 +0200 -@@ -278,7 +278,7 @@ nxt_openssl_server_init(nxt_task_t *task - nxt_tls_init_t *tls_init, nxt_bool_t last) - { - SSL_CTX *ctx; -- const char *ciphers, *ca_certificate; -+ const char *ca_certificate; - nxt_tls_conf_t *conf; - STACK_OF(X509_NAME) *list; - nxt_tls_bundle_conf_t *bundle; -@@ -339,13 +339,13 @@ nxt_openssl_server_init(nxt_task_t *task - } - */ - -- ciphers = (conf->ciphers != NULL) ? conf->ciphers : "HIGH:!aNULL:!MD5"; -- -- if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) { -- nxt_openssl_log_error(task, NXT_LOG_ALERT, -+ if (conf->ciphers) { /* else use system crypto policy */ -+ if (SSL_CTX_set_cipher_list(ctx, conf->ciphers) == 0) { -+ nxt_openssl_log_error(task, NXT_LOG_ALERT, - "SSL_CTX_set_cipher_list(\"%s\") failed", -- ciphers); -- goto fail; -+ conf->ciphers); -+ goto fail; -+ } - } - - #if (NXT_HAVE_OPENSSL_CONF_CMD) |