I'm checking an older version of mod_ssl but there are a couple of other uninteresting format string warnings from gcc. I think it's portable to assume time_t is a long...
--- ./ssl_engine_io.c.warnings 2002-02-23 18:45:45.000000000 +0000 +++ ./ssl_engine_io.c 2004-07-16 22:02:32.000000000 +0100 @@ -680,7 +680,7 @@ } if (trunc > 0) ssl_log(srvr, SSL_LOG_DEBUG|SSL_NO_TIMESTAMP|SSL_NO_LEVELID, - "| %04x - <SPACES/NULS>", len + trunc); + "| %04lx - <SPACES/NULS>", len + trunc); ssl_log(srvr, SSL_LOG_DEBUG|SSL_NO_TIMESTAMP|SSL_NO_LEVELID, "+-------------------------------------------------------------------------+"); return; --- ./mod_ssl.h.warnings 2004-07-16 21:52:26.000000000 +0100 +++ ./mod_ssl.h 2004-07-16 21:58:19.000000000 +0100 @@ -806,7 +806,9 @@ /* Logfile Support */ void ssl_log_open(server_rec *, server_rec *, pool *); BOOL ssl_log_applies(server_rec *, int); -void ssl_log(server_rec *, int, const char *, ...); +void ssl_log(server_rec *, int, const char *, ...) + __attribute__((format(printf,3,4))); + void ssl_die(void); /* Variables */ --- ./ssl_engine_kernel.c.warnings 2004-07-16 21:52:26.000000000 +0100 +++ ./ssl_engine_kernel.c 2004-07-16 22:00:41.000000000 +0100 @@ -1807,7 +1807,7 @@ * Log this cache operation */ ssl_log(s, SSL_LOG_TRACE, "Inter-Process Session Cache: " - "request=SET status=%s id=%s timeout=%ds (session caching)", + "request=SET status=%s id=%s timeout=%lds (session caching)", rc == TRUE ? "OK" : "BAD", SSL_SESSION_id2sz(pNew->session_id, pNew->session_id_length), t-time(NULL)); ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]