From: Rainer Jung <rjung@apache.org>
Date: Wed, 10 Aug 2016 19:52:41 +0000 (+0000)
Subject: Support for OpenSSL 1.1.0:
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4984a65bdba37ba38f125ed3f555df5970132eb3;p=thirdparty%2Fapache%2Fhttpd.git

Support for OpenSSL 1.1.0:
- don't check for SSLeay_version() in configure
  The function no longer exists in 1.1.0.
  It was replaced by OpenSSL_version().
- Switch between SSLeay_version(U) and
  OpenSSL_version() depending on version
  in modules/ssl/ssl_util_ssl.h.
- Use MODSSL_LIBRARY_DYNTEXT everywhere.

Backport of r1728981 from trunk.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-openssl-1.1.0-compat@1755817 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/acinclude.m4 b/acinclude.m4
index bbe6d5cd7b4..3b14481e3fb 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -586,7 +586,7 @@ AC_DEFUN([APACHE_CHECK_OPENSSL],[
       dnl Run library and function checks
       liberrors=""
       AC_CHECK_HEADERS([openssl/engine.h])
-      AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
+      AC_CHECK_FUNCS([SSL_CTX_new], [], [liberrors="yes"])
       AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines RAND_egd])
       if test "x$liberrors" != "x"; then
         AC_MSG_WARN([OpenSSL libraries are unusable])
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index ff99063f0de..d92d519a420 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -153,7 +153,7 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
                      "Init: this version of mod_ssl was compiled against "
                      "a newer library (%s, version currently loaded is %s)"
                      " - may result in undefined or erroneous behavior",
-                     MODSSL_LIBRARY_TEXT, SSLeay_version(SSLEAY_VERSION));
+                     MODSSL_LIBRARY_TEXT, MODSSL_LIBRARY_DYNTEXT);
     }
 
     /* We initialize mc->pid per-process in the child init,
@@ -1725,7 +1725,7 @@ apr_status_t ssl_init_CheckServers(server_rec *base_server, apr_pool_t *p)
                      "an OpenSSL version with support for TLS extensions "
                      "(RFC 6066 - Server Name Indication / SNI), "
                      "but the currently used library version (%s) is "
-                     "lacking this feature", SSLeay_version(SSLEAY_VERSION));
+                     "lacking this feature", MODSSL_LIBRARY_DYNTEXT);
     }
 #endif
 
diff --git a/modules/ssl/ssl_util_ssl.h b/modules/ssl/ssl_util_ssl.h
index 5f7483195c8..ec00d9f4da7 100644
--- a/modules/ssl/ssl_util_ssl.h
+++ b/modules/ssl/ssl_util_ssl.h
@@ -41,7 +41,11 @@
 #define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER
 #define MODSSL_LIBRARY_NAME    "OpenSSL"
 #define MODSSL_LIBRARY_TEXT    OPENSSL_VERSION_TEXT
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 #define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)
+#else
+#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION)
+#endif
 
 /**
  *  Maximum length of a DER encoded session.