On Fri, Dec 11, 2015 at 10:57 PM, Yann Ylavic <[email protected]> wrote:
> On Fri, Dec 11, 2015 at 10:39 PM, Yann Ylavic <[email protected]> wrote:
>> On Fri, Dec 11, 2015 at 9:21 PM, Rainer Jung <[email protected]> wrote:
>>>
>>> - three compiler warning (2 regressions, one old)
>> []
>>> modules/ssl/ssl_engine_kernel.c:414:22: warning: variable 'hssc' set
>>> but not used [-Wunused-but-set-variable]
>>
>> This one is harmless ('hssc' redeclared and used below in inner scope).
>> But I checked twice since handshakeserver (there) is not checked
>> against NULL like at the initialization.
>> Fortunately the !ssl path above handles the case, so this is simply a
>> double initialization (to the same value), likely optimized away
>> finally...
>>
>> -Wunused-but-set-variable does its job, though.
>
> The original commit in trunk (r1709995) contained:
> @@ -529,7 +672,6 @@ int ssl_hook_Access(request_rec *r)
> */
> if ((dc->nVerifyClient != SSL_CVERIFY_UNSET) ||
> (sc->server->auth.verify_mode != SSL_CVERIFY_UNSET)) {
> - SSLSrvConfigRec *hssc = mySrvConfig(handshakeserver);
>
> /* remember old state */
> verify_old = SSL_get_verify_mode(ssl);
> --
This turned into (r1712567, 2.4.17-protocols-changes):
@@ -554,6 +697,7 @@ int ssl_hook_Access(request_rec *r)
*/
if ((dc->nVerifyClient != SSL_CVERIFY_UNSET) ||
(sc->server->auth.verify_mode != SSL_CVERIFY_UNSET)) {
+
/* remember old state */
verify_old = SSL_get_verify_mode(ssl);
/* configure new state */
--
which was then merged in 2.4.x.
This is the only change which "failed" in r1712567, and trunk and
2.4.x are in sync wrt the changes in 2.4.18, so finally not an issue.
