nghttpx: Merge all options settings in one SSL_CTX_set_options

This commit is contained in:
Tatsuhiro Tsujikawa 2015-01-23 23:32:01 +09:00
parent ecfd593076
commit 0f4b0966ef
1 changed files with 6 additions and 8 deletions

View File

@ -295,12 +295,12 @@ SSL_CTX *create_ssl_context(const char *private_key_file,
DIE(); DIE();
} }
SSL_CTX_set_options(ssl_ctx, SSL_CTX_set_options(
SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | ssl_ctx,
SSL_OP_NO_COMPRESSION | SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION |
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
SSL_OP_SINGLE_ECDH_USE | SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE | SSL_OP_SINGLE_DH_USE |
get_config()->tls_proto_mask); SSL_OP_CIPHER_SERVER_PREFERENCE | get_config()->tls_proto_mask);
const unsigned char sid_ctx[] = "shrpx"; const unsigned char sid_ctx[] = "shrpx";
SSL_CTX_set_session_id_context(ssl_ctx, sid_ctx, sizeof(sid_ctx) - 1); SSL_CTX_set_session_id_context(ssl_ctx, sid_ctx, sizeof(sid_ctx) - 1);
@ -313,8 +313,6 @@ SSL_CTX *create_ssl_context(const char *private_key_file,
ciphers = nghttp2::ssl::DEFAULT_CIPHER_LIST; ciphers = nghttp2::ssl::DEFAULT_CIPHER_LIST;
} }
SSL_CTX_set_options(ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
if (SSL_CTX_set_cipher_list(ssl_ctx, ciphers) == 0) { if (SSL_CTX_set_cipher_list(ssl_ctx, ciphers) == 0) {
LOG(FATAL) << "SSL_CTX_set_cipher_list " << ciphers LOG(FATAL) << "SSL_CTX_set_cipher_list " << ciphers
<< " failed: " << ERR_error_string(ERR_get_error(), nullptr); << " failed: " << ERR_error_string(ERR_get_error(), nullptr);