Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
On Fri, Feb 17, 2017 at 12:18 AM, William A Rowe Jrwrote: > On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic wrote: >> >> Shouldn't this commit (and follow ups) be merged in >> branches/2.4.x-openssl-1.1.0-compat ? > > Yes; however it isn't clear to me what that branch is; a patch management > branch? or something else? Not sure either, I think Rainer first created it for the merge, but since it was later rebased I don't know. Not sure it is fully synchronized either. > > Also wondering if the follow-up patch is actually required... wouldn't we be > just as safe using BIO_s_file() with older openssl flavors? I found the patch > in the early work on compatibility, but it seems we've dropped the conditional > in the current trunk/ sources. BIO_s_file_internal() seems to be a WIN16 thing, so I guess we can remove it :)
Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavicwrote: > On Thu, Feb 16, 2017 at 10:26 PM, wrote: >> Author: wrowe >> Date: Thu Feb 16 21:26:34 2017 >> New Revision: 1783305 >> >> URL: http://svn.apache.org/viewvc?rev=1783305=rev >> Log: >> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone. > > Shouldn't this commit (and follow ups) be merged in > branches/2.4.x-openssl-1.1.0-compat ? Yes; however it isn't clear to me what that branch is; a patch management branch? or something else? Also wondering if the follow-up patch is actually required... wouldn't we be just as safe using BIO_s_file() with older openssl flavors? I found the patch in the early work on compatibility, but it seems we've dropped the conditional in the current trunk/ sources. @@ -357,7 +357,11 @@ static STACK_OF(X509) *modssl_read_ocsp_ unsigned long err; STACK_OF(X509) *other_certs = NULL; +#if OPENSSL_VERSION_NUMBER < 0x1010L +if ((bio = BIO_new(BIO_s_file_internal())) == NULL) +#else if ((bio = BIO_new(BIO_s_file())) == NULL) +#endif return NULL; if (BIO_read_filename(bio, file) <= 0) { BIO_free(bio);
Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
On Thu, Feb 16, 2017 at 10:26 PM,wrote: > Author: wrowe > Date: Thu Feb 16 21:26:34 2017 > New Revision: 1783305 > > URL: http://svn.apache.org/viewvc?rev=1783305=rev > Log: > Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone. Shouldn't this commit (and follow ups) be merged in branches/2.4.x-openssl-1.1.0-compat ?