Support for OpenSSL 1.1.0:

- 1.1.0-pre3 was relesed - remove pre2 comments which no longer apply - one more struct has been made opaque, use accessor function instead git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1731012 13f79535-47bb-0310-9956-ffa450edef68
2025-08-05 16:55:50 +03:00 · 2016-02-18 07:44:16 +00:00
parent 7d84dae077
commit dc221e7adc
1 changed files with 4 additions and 4 deletions
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1014,10 +1014,6 @@ int ssl_hook_Access(request_rec *r)

            /* Need to trigger renegotiation handshake by reading.
             * Peeking 0 bytes actually works.
-             * The code needs the following patches on top of OpenSSL 1.1.0pre2:
-             * https://github.com/openssl/openssl/commit/311f27852a18fb9c10f0c1283b639f12eea06de2
-             * https://github.com/openssl/openssl/commit/5b326dc529e19194feaef9a65fa37efbe11eaa7e
-             * It is expected to work without changes with the forthcoming 1.1.0pre3.
             * See: http://marc.info/?t=145493359200002&r=1&w=2
             */
            SSL_peek(ssl, peekbuf, 0);
@@ -1543,7 +1539,11 @@ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen)
    SSL_set_current_cert(ssl, SSL_CERT_SET_SERVER);
 #endif
    pkey = SSL_get_privatekey(ssl);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
    type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
+#else
+    type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
+#endif

    /*
     * OpenSSL will call us with either keylen == 512 or keylen == 1024