Thanks for the feedback. Proposed for 2.4.x a minute ago.
Am 23.03.2020 um 14:48 schrieb Ruediger Pluem:
On 3/23/20 2:44 PM, Rainer Jung wrote:
The dependency on SSL_CTX_get_min_proto_version() and
SSL_CTX_get_max_proto_version() was introduced in October by Yann's
"r1868645 mod_ssl: negotiate the TLS protocol version per name based vhost
configuration".
Although the set variants are available in 1.1.0, the set were added later in
1.1.0g.
Not sure, whether adjusting the version check as done now is the right fix. At
least it unbreaks building httpd against OpenSSL
1.1.0-1.1.0f.
The original change has been backported to 2.4.x, so building that for the
above OpenSSL versions is currently broken.
IMHO we should backport it then once clarified that this is the correct thing
to do and ensure that it gets in 2.4.43.
I think this is a release blocker.
Regards
RĂ¼diger
