nginx dudes unrolled SSL_OP_ALL by hand so we also have to delete

author tedu <tedu@openbsd.org>

Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)

committer tedu <tedu@openbsd.org>

Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)
author tedu <tedu@openbsd.org>
Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)
committer tedu <tedu@openbsd.org>
Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)
diff --git a/usr.sbin/nginx/src/event/ngx_event_openssl.c b/usr.sbin/nginx/src/event/ngx_event_openssl.c

index 915e604..81a1e42 100644 (file)
--- a/usr.sbin/nginx/src/event/ngx_event_openssl.c
+++ b/usr.sbin/nginx/src/event/ngx_event_openssl.c
@@ -192,8 +192,6 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data)
      SSL_CTX_set_options(ssl->ctx, SSL_OP_TLS_D5_BUG);
      SSL_CTX_set_options(ssl->ctx, SSL_OP_TLS_BLOCK_PADDING_BUG);
  
-    SSL_CTX_set_options(ssl->ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
-
      SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_DH_USE);
  
      if (!(protocols & NGX_SSL_SSLv2)) {
author	tedu <tedu@openbsd.org>
	Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)
committer	tedu <tedu@openbsd.org>
	Tue, 29 Apr 2014 14:10:07 +0000 (14:10 +0000)