From dc221e7adcdcd8f10c5cf14515a8c30eb1e13064 Mon Sep 17 00:00:00 2001
From: Rainer Jung <rjung@apache.org>
Date: Thu, 18 Feb 2016 07:44:16 +0000
Subject: [PATCH] Support for OpenSSL 1.1.0: - 1.1.0-pre3 was relesed   -
 remove pre2 comments which no longer apply   - one more struct has been made
 opaque, use     accessor function instead

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1731012 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ssl/ssl_engine_kernel.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index f61f3a33d8..f285498a95 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1014,10 +1014,6 @@ int ssl_hook_Access(request_rec *r)
 
             /* Need to trigger renegotiation handshake by reading.
              * Peeking 0 bytes actually works.
-             * The code needs the following patches on top of OpenSSL 1.1.0pre2:
-             * https://github.com/openssl/openssl/commit/311f27852a18fb9c10f0c1283b639f12eea06de2
-             * https://github.com/openssl/openssl/commit/5b326dc529e19194feaef9a65fa37efbe11eaa7e
-             * It is expected to work without changes with the forthcoming 1.1.0pre3.
              * See: http://marc.info/?t=145493359200002&r=1&w=2
              */
             SSL_peek(ssl, peekbuf, 0);
@@ -1543,7 +1539,11 @@ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen)
     SSL_set_current_cert(ssl, SSL_CERT_SET_SERVER);
 #endif
     pkey = SSL_get_privatekey(ssl);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
+#else
+    type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
+#endif
 
     /*
      * OpenSSL will call us with either keylen == 512 or keylen == 1024