Welcome! Log In Create A New Profile

[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function

Forum List Message List New Topic Print View

Piotr Sikora

July 06, 2014 07:52PM

# HG changeset patch
# User Piotr Sikora <piotr@cloudflare.com>
# Date 1404690074 25200
# Sun Jul 06 16:41:14 2014 -0700
# Node ID e015093a00f2d8ebdbcdd8adcb16d87b291765f8
# Parent 2ca8a17cedfd35da799b258d5d17427d7bee62b2
SSL: stop using deprecated RSA_generate_key() function.

Fixes build with -DOPENSSL_NO_DEPRECATED.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>

diff -r 2ca8a17cedfd -r e015093a00f2 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Sun Jul 06 16:41:13 2014 -0700
+++ b/src/event/ngx_event_openssl.c Sun Jul 06 16:41:14 2014 -0700
@@ -650,6 +650,10 @@ RSA *
ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export,
int key_length)
{
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+ RSA *rsa;
+ BIGNUM *e;
+#endif
static RSA *key;

if (key_length != 512) {
@@ -657,7 +661,42 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn
}

if (key == NULL) {
+
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+
+ rsa = RSA_new();
+ if (rsa == NULL) {
+ return NULL;
+ }
+
+ e = BN_new();
+ if (e == NULL) {
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ if (BN_set_word(e, RSA_F4) == 0) {
+ BN_free(e);
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ if (RSA_generate_key_ex(rsa, 512, e, NULL) == 0) {
+ BN_free(e);
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ BN_free(e);
+
+ key = rsa;
+
+#else
+
key = RSA_generate_key(512, RSA_F4, NULL, NULL);
+
+#endif
+
}

return key;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 1 of 4] SSL: include correct OpenSSL headers	Piotr Sikora	662	July 06, 2014 07:52PM
[PATCH 2 of 4] SSL: return temporary RSA key only when the key length matches	Piotr Sikora	354	July 06, 2014 07:52PM
[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	392	July 06, 2014 07:52PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	372	July 06, 2014 09:14PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	336	July 06, 2014 10:18PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	638	July 07, 2014 09:06AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	350	July 07, 2014 06:04PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	522	July 07, 2014 07:34PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	290	July 08, 2014 06:24AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	446	July 08, 2014 09:52PM
[PATCH 4 of 4] SSL: stop accessing SSL_SESSION's fields directly	Piotr Sikora	418	July 06, 2014 07:52PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 146

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018