mod_ssl: Remove warning over potential uninitialised value

for ssl protocol prior to protocol selection.

Merges r1924757 trunk
Submitted by: minfrin
Reviewed by: minfrin, rpluem, covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1926321 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index c1f86c206ca56fe358f5c47bb14818964b0ce755..b7bd6055425670e24b6d69da2d772e87711c8502 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.64
 
+  *) mod_ssl: Remove warning over potential uninitialised value
+     for ssl protocol prior to protocol selection.
+     [Graham Leggett]
+
   *) mod_proxy: Reuse ProxyRemote connections when possible, like prior
      to 2.4.59.  [Jean-Frederic Clere, Yann Ylavic]
 

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 7d0fabe4eff77f4eef3fa4fa499d881fd28cb451..f9eca79e462c19b2777ea5842b922f47c5bba0bf 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -618,7 +618,12 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s,
     int protocol = mctx->protocol;
     SSLSrvConfigRec *sc = mySrvConfig(s);
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-    int prot;
+    /* default is highest supported version, will be overridden below */
+#if SSL_HAVE_PROTOCOL_TLSV1_3
+    int prot = TLS1_3_VERSION;
+#else
+    int prot = TLS1_2_VERSION;
+#endif
 #endif
 
     /*