On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic <ylavic....@gmail.com> wrote: > On Thu, Feb 16, 2017 at 10:26 PM, <wr...@apache.org> wrote: >> Author: wrowe >> Date: Thu Feb 16 21:26:34 2017 >> New Revision: 1783305 >> >> URL: http://svn.apache.org/viewvc?rev=1783305&view=rev >> Log: >> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone. > > Shouldn't this commit (and follow ups) be merged in > branches/2.4.x-openssl-1.1.0-compat ?
Yes; however it isn't clear to me what that branch is; a patch management branch? or something else? Also wondering if the follow-up patch is actually required... wouldn't we be just as safe using BIO_s_file() with older openssl flavors? I found the patch in the early work on compatibility, but it seems we've dropped the conditional in the current trunk/ sources. @@ -357,7 +357,11 @@ static STACK_OF(X509) *modssl_read_ocsp_ unsigned long err; STACK_OF(X509) *other_certs = NULL; +#if OPENSSL_VERSION_NUMBER < 0x10100000L + if ((bio = BIO_new(BIO_s_file_internal())) == NULL) +#else if ((bio = BIO_new(BIO_s_file())) == NULL) +#endif return NULL; if (BIO_read_filename(bio, file) <= 0) { BIO_free(bio);