On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic <ylavic....@gmail.com> wrote:
> On Thu, Feb 16, 2017 at 10:26 PM, <wr...@apache.org> wrote:
>> Author: wrowe
>> Date: Thu Feb 16 21:26:34 2017
>> New Revision: 1783305
>>
>> URL: http://svn.apache.org/viewvc?rev=1783305&view=rev
>> Log:
>> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone.
>
> Shouldn't this commit (and follow ups) be merged in
> branches/2.4.x-openssl-1.1.0-compat ?
Yes; however it isn't clear to me what that branch is; a patch management
branch? or something else?
Also wondering if the follow-up patch is actually required... wouldn't we be
just as safe using BIO_s_file() with older openssl flavors? I found the patch
in the early work on compatibility, but it seems we've dropped the conditional
in the current trunk/ sources.
@@ -357,7 +357,11 @@ static STACK_OF(X509) *modssl_read_ocsp_
unsigned long err;
STACK_OF(X509) *other_certs = NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+#else
if ((bio = BIO_new(BIO_s_file())) == NULL)
+#endif
return NULL;
if (BIO_read_filename(bio, file) <= 0) {
BIO_free(bio);
