From 4982f465586aaef0f7d4941e5c885e3eaadd3980 Mon Sep 17 00:00:00 2001
From: Daniel Ruf <daniel@daniel-ruf.de>
Date: Thu, 26 Feb 2026 12:17:02 +0100
Subject: [PATCH] Prevent Y2038 bug by using SSL_SESSION_get_time_ex

The previous function is deprecated, see:
* https://github.com/openssl/openssl/commit/00a6d0743a38e179f5f9b5de4b73be9fcec0bb4c
* https://github.com/openssl/openssl/issues/23648
* https://github.com/openssl/openssl/pull/21206
---
 modules/ssl/ssl_engine_kernel.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 513923c87bf..158380ab989 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1966,7 +1966,7 @@ int ssl_callback_NewSessionCacheEntry(SSL *ssl, SSL_SESSION *session)
 #endif
 
     rc = ssl_scache_store(s, id, idlen,
-                          apr_time_from_sec(SSL_SESSION_get_time(session)
+                          apr_time_from_sec(SSL_SESSION_get_time_ex(session)
                                           + timeout),
                           session, conn->pool);