Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c

2017-02-16 Thread Yann Ylavic 
On Fri, Feb 17, 2017 at 12:18 AM, William A Rowe Jr  wrote:
> On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic  wrote:
>>
>> Shouldn't this commit (and follow ups) be merged in
>> branches/2.4.x-openssl-1.1.0-compat ?
>
> Yes; however it isn't clear to me what that branch is; a patch management
> branch? or something else?

Not sure either, I think Rainer first created it for the merge, but
since it was later rebased I don't know. Not sure it is fully
synchronized either.

>
> Also wondering if the follow-up patch is actually required... wouldn't we be
> just as safe using BIO_s_file() with older openssl flavors? I found the patch
> in the early work on compatibility, but it seems we've dropped the conditional
> in the current trunk/ sources.

BIO_s_file_internal() seems to be a WIN16 thing, so I guess we can remove it :)

Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c

2017-02-16 Thread William A Rowe Jr 
On Thu, Feb 16, 2017 at 4:45 PM, Yann Ylavic  wrote:
> On Thu, Feb 16, 2017 at 10:26 PM,   wrote:
>> Author: wrowe
>> Date: Thu Feb 16 21:26:34 2017
>> New Revision: 1783305
>>
>> URL: http://svn.apache.org/viewvc?rev=1783305=rev
>> Log:
>> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone.
>
> Shouldn't this commit (and follow ups) be merged in
> branches/2.4.x-openssl-1.1.0-compat ?

Yes; however it isn't clear to me what that branch is; a patch management
branch? or something else?

Also wondering if the follow-up patch is actually required... wouldn't we be
just as safe using BIO_s_file() with older openssl flavors? I found the patch
in the early work on compatibility, but it seems we've dropped the conditional
in the current trunk/ sources.

@@ -357,7 +357,11 @@ static STACK_OF(X509) *modssl_read_ocsp_
 unsigned long err;
 STACK_OF(X509) *other_certs = NULL;

+#if OPENSSL_VERSION_NUMBER < 0x1010L
+if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+#else
 if ((bio = BIO_new(BIO_s_file())) == NULL)
+#endif
 return NULL;
 if (BIO_read_filename(bio, file) <= 0) {
 BIO_free(bio);

Re: svn commit: r1783305 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c

2017-02-16 Thread Yann Ylavic 
On Thu, Feb 16, 2017 at 10:26 PM,   wrote:
> Author: wrowe
> Date: Thu Feb 16 21:26:34 2017
> New Revision: 1783305
>
> URL: http://svn.apache.org/viewvc?rev=1783305=rev
> Log:
> Fix OpenSSL 1.1.0 breakage in r1781575; BIO_s_file_internal() is gone.

Shouldn't this commit (and follow ups) be merged in
branches/2.4.x-openssl-1.1.0-compat ?