mod_ssl: follow up to r1876934: wrap DH_bits()
authorYann Ylavic <ylavic@apache.org>
Fri, 24 Apr 2020 17:14:21 +0000 (17:14 +0000)
committerYann Ylavic <ylavic@apache.org>
Fri, 24 Apr 2020 17:14:21 +0000 (17:14 +0000)
DH_get0_p() seems to be undefined for some openssl versions, so it can't
be used to implement DH_bits() generically.

Add a new modssl_DH_bits() wrapper to call DH_bits() for openssl < 3,
and BN_num_bits(DH_get0_p(dh)) otherwise.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1876938 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/ssl_engine_init.c

index b48ff73009a4d27ffae6f9f2f8a8b20b3f639880..5fc25881c4ba2d3c89bb8cd13041aa5474a9d3db 100644 (file)
@@ -1322,6 +1322,15 @@ static int ssl_no_passwd_prompt_cb(char *buf, int size, int rwflag,
    return 0;
 }
 
+static APR_INLINE int modssl_DH_bits(DH *dh)
+{
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+    return DH_bits(dh);
+#else
+    return BN_num_bits(DH_get0_p(dh));
+#endif
+}
+
 static apr_status_t ssl_init_server_certs(server_rec *s,
                                           apr_pool_t *p,
                                           apr_pool_t *ptemp,
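Review bot: modssl_DH_bits() carries no comment explaining the `#if OPENSSL_VERSION_NUMBER < 0x30000000L` split, so the reason given in the commit message (DH_get0_p() missing on some OpenSSL versions) is lost at the point where a maintainer will look for it. I would add above the function: `/* Size in bits of the DH prime p. DH_get0_p() is not defined by every OpenSSL version, so use DH_bits() before 3.0. Expects a non-NULL dh with p set. */`. The non-NULL expectation appears to hold for the one caller visible in this diff, which passes parameters just loaded from certfile, but the rest of ssl_init_server_certs() lies outside the hunks shown. Separately, the second hunk writes the result only to an APLOG_DEBUG message and no minimum-size check is visible here, so an undersized custom DH group would pass unnoticed at default log levels. A follow-up that warns below a chosen bit length would make this helper useful to operators.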
@@ -1521,7 +1530,7 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
         SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dh);
         ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02540)
                      "Custom DH parameters (%d bits) for %s loaded from %s",
-                     BN_num_bits(DH_get0_p(dh)), vhost_id, certfile);
+                     modssl_DH_bits(dh), vhost_id, certfile);
         DH_free(dh);
     }