From: Ruediger Pluem <rpluem@apache.org>
Date: Mon, 16 Oct 2023 11:48:06 +0000 (+0000)
Subject: Merge r1912015 from trunk:
X-Git-Tag: 2.4.58-rc2-candidate~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7564d3b12438bda322e699d059577b73c312f0f4;p=thirdparty%2Fapache%2Fhttpd.git

Merge r1912015 from trunk:

mod_ssl: Silence info log message "SSL Library Error: error:0A000126:
         SSL routines::unexpected eof while reading" when using
         OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if
         available. [Rainer Jung]

Reviewed by: rjung, gbechis, rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1913012 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 825621de94b..e5d8f68a596 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -833,6 +833,14 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s,
         SSL_CTX_set_keylog_callback(ctx, modssl_callback_keylog);
     }
 #endif
+
+#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF
+    /* For server-side SSL_CTX, enable ignoring unexpected EOF */
+    /* (OpenSSL 1.1.1 behavioural compatibility).. */
+    if (!mctx->pkp) {
+        SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
+    }
+#endif
     
     return APR_SUCCESS;
 }