Created attachment 34180 [details] openssl 1.1 support Hi, This is an initial patch to support OpenSSL 1.1.0. This is not a complete patch yet, but I'm filing it so that others won't be doing the same. It compiles against the 1.1.0 version. It doesn't build with the 1.0.2 version yet. It's also untested.
Created attachment 34182 [details] Support for OpenSSL 1.1.0 Here is an updated patch that is tested to build with both 1.1.0 and 1.0.2
There is support for openssl 1.1 in trunk in the apache httpd svn repo and there is some work in progress for backporting it to 2.4 in a separate branch http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/ It may make sense to compare that with your work, though.
*** Bug 60111 has been marked as a duplicate of this bug. ***
Hi All, Thanks a lot for your help, it's magic! working with these patches. Just to note that I get some warnings, could you confirm please the following are normal and without impact (sorry, I'm new in linux): WARNING WHEN PATCHs APPLIED ========================== ssl_util_stapling.c: In function 'ssl_stapling_init_cert': ssl_util_stapling.c:183:8: warning: passing argument 1 of 'OPENSSL_sk_value' from incompatible pointer type [enabled by default] cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0)); ^ In file included from /usr/local/openssl/openssl-1.1.0/include/openssl/crypto.h:28:0, from /usr/local/openssl/openssl-1.1.0/include/openssl/comp.h:16, from /usr/local/openssl/openssl-1.1.0/include/openssl/ssl.h:47, from ssl_private.h:90, from ssl_util_stapling.c:31: /usr/local/openssl/openssl-1.1.0/include/openssl/stack.h:24:7: note: expected 'const struct OPENSSL_STACK *' but argument is of type 'struct stack_st_OPENSSL_STRING *' WARNING AFTER MAKE ========================== v/main -I/usr/local/src/httpd-2.4.23/modules/generators -I/usr/local/src/httpd-2.4.23/modules/mappers -prefer-pic -c ssl_engine_kernel.c && touch ssl_engine_kernel.slo ssl_engine_kernel.c: In function 'ssl_hook_Access': ssl_engine_kernel.c:629:41: warning: initialization discards 'const' qualifier from pointer target type [enabled by default] SSL_CIPHER *value = sk_SSL_CIPHER_value(cipher_list, n); ssl_util_stapling.c: In function 'ssl_stapling_init_cert': ssl_util_stapling.c:183:8: warning: passing argument 1 of 'OPENSSL_sk_value' from incompatible pointer type [enabled by default] cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0)); ... ... ... ^ In file included from /usr/local/openssl/openssl-1.1.0/include/openssl/crypto.h:28:0, from /usr/local/openssl/openssl-1.1.0/include/openssl/comp.h:16, from /usr/local/openssl/openssl-1.1.0/include/openssl/ssl.h:47, from ssl_private.h:90, from ssl_util_stapling.c:31: /usr/local/openssl/openssl-1.1.0/include/openssl/stack.h:24:7: note: expected 'const struct OPENSSL_STACK *' but argument is of type 'struct stack_st_OPENSSL_STRING *' void *OPENSSL_sk_value(const OPENSSL_STACK *, int);