httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Sylvester <Peter.Sylves...@edelweb.fr>
Subject smal mod to mod_ssl
Date Wed, 28 Mar 2007 12:56:21 GMT
I would like to propose a slight change to mod_ssl  sssl_engine_init.c
The recent openssl versions changed teh definitions of the
SSLvnn_xxx_method to be const.
This has an impact to the ssl_init_ctx_protocol function.

The curent code reads:

static void ssl_init_ctx_protocol(server_rec *s,
                                  apr_pool_t *p,
                                  apr_pool_t *ptemp,
                                  modssl_ctx_t *mctx)
{
    SSL_CTX *ctx = NULL;
    SSL_METHOD *method = NULL;
 
..... some stuff deleted



    if (protocol == SSL_PROTOCOL_SSLV2) {
        method = mctx->pkp ?
            SSLv2_client_method() : /* proxy */
            SSLv2_server_method();  /* server */
        ctx = SSL_CTX_new(method);  /* only SSLv2 is left */
    }
    else {
        method = mctx->pkp ?
            SSLv23_client_method() : /* proxy */
            SSLv23_server_method();  /* server */
        ctx = SSL_CTX_new(method); /* be more flexible */
    }

------
Since method is only used in the two cases before I think it is
better to use the expressions as a parameter to SSL_CTX_new
and not declare "method".

Thanks for consideration.
Peter Sylvester



Mime
View raw message