mod_ssl: Remove warning over potential uninitialised value

ylavic · ylavic · commit 9f6b21a7abaf · 2025-06-10T10:54:44.000Z
for ssl protocol prior to protocol selection. Merges r1924757 trunk Submitted by: minfrin Reviewed by: minfrin, rpluem, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1926321 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.64
 
+  *) mod_ssl: Remove warning over potential uninitialised value
+     for ssl protocol prior to protocol selection.
+     [Graham Leggett]
+
   *) mod_proxy: Reuse ProxyRemote connections when possible, like prior
      to 2.4.59.  [Jean-Frederic Clere, Yann Ylavic]
 
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
@@ -618,7 +618,12 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s,
     int protocol = mctx->protocol;
     SSLSrvConfigRec *sc = mySrvConfig(s);
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-    int prot;
+    /* default is highest supported version, will be overridden below */
+#if SSL_HAVE_PROTOCOL_TLSV1_3
+    int prot = TLS1_3_VERSION;
+#else
+    int prot = TLS1_2_VERSION;
+#endif
 #endif
 
     /*
