httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From William A Rowe Jr <wr...@rowe-clan.net>
Subject Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
Date Thu, 16 Feb 2017 23:18:43 GMT
On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
> On Thu, Feb 16, 2017 at 10:26 PM,  <wrowe@apache.org> wrote:
>> Author: wrowe
>> Date: Thu Feb 16 21:26:34 2017
>> New Revision: 1783305
>>
>> URL: http://svn.apache.org/viewvc?rev=1783305&view=rev
>> Log:
>> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone.
>
> Shouldn't this commit (and follow ups) be merged in
> branches/2.4.x-openssl-1.1.0-compat ?

Yes; however it isn't clear to me what that branch is; a patch management
branch? or something else?

Also wondering if the follow-up patch is actually required... wouldn't we be
just as safe using BIO_s_file() with older openssl flavors? I found the patch
in the early work on compatibility, but it seems we've dropped the conditional
in the current trunk/ sources.

@@ -357,7 +357,11 @@ static STACK_OF(X509) *modssl_read_ocsp_
     unsigned long err;
     STACK_OF(X509) *other_certs = NULL;

+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+    if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+#else
     if ((bio = BIO_new(BIO_s_file())) == NULL)
+#endif
         return NULL;
     if (BIO_read_filename(bio, file) <= 0) {
         BIO_free(bio);

Mime
View raw message