From 367e8ff5cc7da436c293897e745f582d015a8ded Mon Sep 17 00:00:00 2001 From: Bernard Spil Date: Sat, 27 Oct 2018 14:36:41 +0000 Subject: www/apache24: Update to 2.4.37 - Adds TLSv1.3 support with security/openssl111 PR: 232687 Submitted by: Pascal Christen Reported by: Markus Kohlmeyer Reviewed by: ohauer Approved by: joneum Differential Revision: https://reviews.freebsd.org/D17668 --- www/apache24/files/patch-modules_ssl_ssl__engine__init.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'www/apache24/files/patch-modules_ssl_ssl__engine__init.c') diff --git a/www/apache24/files/patch-modules_ssl_ssl__engine__init.c b/www/apache24/files/patch-modules_ssl_ssl__engine__init.c index 1341e4d5eb7d..01515de6a969 100644 --- a/www/apache24/files/patch-modules_ssl_ssl__engine__init.c +++ b/www/apache24/files/patch-modules_ssl_ssl__engine__init.c @@ -1,6 +1,6 @@ --- modules/ssl/ssl_engine_init.c.orig 2018-02-13 23:43:36 UTC +++ modules/ssl/ssl_engine_init.c -@@ -546,7 +546,7 @@ static apr_status_t ssl_init_ctx_protoco +@@ -547,7 +547,7 @@ static apr_status_t ssl_init_ctx_protoco char *cp; int protocol = mctx->protocol; SSLSrvConfigRec *sc = mySrvConfig(s); @@ -9,4 +9,12 @@ int prot; #endif +@@ -1492,7 +1492,7 @@ static apr_status_t ssl_init_proxy_certs + X509_STORE_CTX *sctx; + X509_STORE *store = SSL_CTX_get_cert_store(mctx->ssl_ctx); +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) + /* For OpenSSL >=1.1.1, turn on client cert support which is + * otherwise turned off by default (by design). + * https://github.com/openssl/openssl/issues/6933 */ -- cgit v1.2.3