The output of whether prefer-server-ciphers is supported by OpenSSL
actually always show yes in 1.8, because SSL_OP_CIPHER_SERVER_PREFERENCE
is redefined before the actual check in src/ssl_sock.c, since it was
moved from here from src/haproxy.c.
Since this is not really relevant anymore as we don't support OpenSSL
< 0.9.7 anyway, this change just removes this output.
---
> Yep please proceed as you see fit. If you think other ones are also for
> < 0.9.7 (or < 0.9.8), you can kill them as well.
I did not find any other outputs, unless you meant actual #defines for
older openssl compatiblity as well? I would leave them as-is. It may be
useful for OpenSSL forks or forward compatibility if those macros get
removed from upstream OpenSSL.
---
src/ssl_sock.c | 7 -------
1 file changed, 7 deletions(-)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 62b983a..3705917 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -6794,13 +6794,6 @@ static void __ssl_sock_init(void)
#endif
"", ptr);
- memprintf(&ptr, "%s\nOpenSSL library supports prefer-server-ciphers : "
-#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
- "yes"
-#else
- "no (0.9.7 or later needed)"
-#endif
- "", ptr);
hap_register_build_opts(ptr, 1);
global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
--
2.7.4
