From 5a148b5b9dba64ed60894854f39dc113c1737d2a Mon Sep 17 00:00:00 2001 From: Graham Leggett Date: Thu, 3 Apr 2025 14:36:16 +0000 Subject: [PATCH] mod_ssl: Remove warning over potential uninitialised value for ssl protocol prior to protocol selection. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1924757 13f79535-47bb-0310-9956-ffa450edef68 --- changes-entries/ssl_prot.txt | 5 +++++ modules/ssl/ssl_engine_init.c | 7 ++++++- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 changes-entries/ssl_prot.txt diff --git a/changes-entries/ssl_prot.txt b/changes-entries/ssl_prot.txt new file mode 100644 index 0000000000..788fc2a368 --- /dev/null +++ b/changes-entries/ssl_prot.txt @@ -0,0 +1,5 @@ + + *) mod_ssl: Remove warning over potential uninitialised value + for ssl protocol prior to protocol selection. + [Graham Leggett] + diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 33ef4c4d7b..86c8e32357 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -664,7 +664,12 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, SSLSrvConfigRec *sc = mySrvConfig(s); #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x20800000L) - int prot; + /* default is highest supported version, will be overridden below */ +#if SSL_HAVE_PROTOCOL_TLSV1_3 + int prot = TLS1_3_VERSION; +#else + int prot = TLS1_2_VERSION; +#endif #endif /*