IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-22 15:13:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

SSL: use of the SSL_OP_NO_RENEGOTIATION option (ticket #1376).

Browse Source 
The SSL_OP_NO_RENEGOTIATION option is available in OpenSSL 1.1.0h+ and can
save some CPU cycles on renegotiation attempts.
This commit is contained in:
Maxim Dounin 2018-07-16 17:47:48 +03:00
parent 1456129902
commit e1bebd05cb
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/event/ngx_event_openssl.c
View File

@ -1193,6 +1193,10 @@ ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_uint_t flags)
} else { } else {
SSL_set_accept_state(sc->connection); SSL_set_accept_state(sc->connection);
#ifdef SSL_OP_NO_RENEGOTIATION
SSL_set_options(sc->connection, SSL_OP_NO_RENEGOTIATION);
#endif
} }
if (SSL_set_ex_data(sc->connection, ngx_ssl_connection_index, c) == 0) { if (SSL_set_ex_data(sc->connection, ngx_ssl_connection_index, c) == 0) {