You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@httpd.apache.org by GitBox <gi...@apache.org> on 2021/05/19 11:18:03 UTC

[GitHub] [httpd] bigio commented on a change in pull request #188: Try using SSL_CTX_set_dh_auto() which is present in 1.1.1 and later.

bigio commented on a change in pull request #188:
URL: https://github.com/apache/httpd/pull/188#discussion_r635142691



##########
File path: modules/ssl/ssl_private.h
##########
@@ -1150,10 +1150,12 @@ void ssl_init_ocsp_certificates(server_rec *s, modssl_ctx_t *mctx);
 
 #endif
 
+#ifndef MODSSL_USE_OPENSSL_PRE_1_1_API

Review comment:
       Adding MODSSL_USE_OPENSSL_PRE_1_1_API define in the LIBRESSL_VERSION < 0x2060000f case makes it build with libressl-2.5.5. The code builds with Libressl 3.3.3 as well.
   ```
   diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
   index 7eb9a364b0..5ba968be41 100644
   --- a/modules/ssl/ssl_private.h
   +++ b/modules/ssl/ssl_private.h
   @@ -137,6 +137,7 @@
            SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
    #define SSL_CTX_set_max_proto_version(ctx, version) \
            SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
   +#define MODSSL_USE_OPENSSL_PRE_1_1_API (1)
    #elif LIBRESSL_VERSION_NUMBER < 0x2070000f
    /* LibreSSL before 2.7 declares OPENSSL_VERSION_NUMBER == 2.0 but does not
     * include most changes from OpenSSL >= 1.1 (new functions, macros,
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@httpd.apache.org
For additional commands, e-mail: notifications-help@httpd.apache.org