Mailing List Archive

https://bz.apache.org/bugzilla/show_bug.cgi?id=66063

--- Comment #1 from florin.spatar@gmail.com ---
I face the same problem. The proposed patch works for me. Thanks.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=66063

Yann Ylavic <ylavic.dev@gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Keywords| |FixedInTrunk

--- Comment #2 from Yann Ylavic <ylavic.dev@gmail.com> ---
Checking in trunk (r1901470), with two changes:
- modssl_fips_is_enabled() and modssl_fips_enable() as wrappers (to reduce
#ifdef-ery in the code),
- compatibility check using OPENSSL_VERSION_NUMBER >= 0x30000000L instead of
OPENSSL_CONFIGURED_API >= 30000.

I see that OPENSSL_CONFIGURED_API is set by the OpenSSL Configure script,
right? Is it always set then (with OpenSSL 3)? What do we get from it?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=66063

Yann Ylavic <ylavic.dev@gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED

--- Comment #3 from Yann Ylavic <ylavic.dev@gmail.com> ---
Merged in 2.4.x (r1901586), will be in next release.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=66063

--- Comment #4 from florin.spatar@gmail.com ---
The issue is not fixed.

As Petr Sumbera said, OpenSSL 3 no longer defines OPENSSL_FIPS. That's why, in
the proposed patch, he defined HAVE_FIPS independent of OPENSSL_FIPS for
OpenSSL 3.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

https://bz.apache.org/bugzilla/show_bug.cgi?id=66063

Yann Ylavic <ylavic.dev@gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |---
Status|RESOLVED |REOPENED

--- Comment #5 from Yann Ylavic <ylavic.dev@gmail.com> ---
Argh, I missed to define HAVE_FIPS appropriately for openssl-3+.
Fixed in r1901772.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org