79b87222821716fb0b68fc78382ece40f053ebbf - nginx

commit	79b87222821716fb0b68fc78382ece40f053ebbf	[log] [tgz]
author	Maxim Dounin <mdounin@mdounin.ru>	Mon Aug 16 22:40:31 2021 +0300
committer	Maxim Dounin <mdounin@mdounin.ru>	Mon Aug 16 22:40:31 2021 +0300
tree	7474e80d643bbd397d62ceb0192da067044b5fcb
parent	2b331337161cff1097ca222b80895aa03959dd8d [diff]

SSL: ciphers now set before loading certificates (ticket #2035).

To load old/weak server or client certificates it might be needed to adjust
the security level, as introduced in OpenSSL 1.1.0.  This change ensures that
ciphers are set before loading the certificates, so security level changes
via the cipher string apply to certificate loading.

src/http/modules/ngx_http_grpc_module.c[diff]
src/http/modules/ngx_http_proxy_module.c[diff]
src/http/modules/ngx_http_ssl_module.c[diff]
src/http/modules/ngx_http_uwsgi_module.c[diff]
src/mail/ngx_mail_ssl_module.c[diff]
src/stream/ngx_stream_proxy_module.c[diff]
src/stream/ngx_stream_ssl_module.c[diff]

7 files changed

tree: 7474e80d643bbd397d62ceb0192da067044b5fcb

auto/
conf/
contrib/
docs/
misc/
src/
.hgtags