Welcome! Log In Create A New Profile

Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function

Forum List Message List New Topic Print View

Piotr Sikora

July 07, 2014 06:04PM

Hey Maxim,

> It's marked as deprecated in master branch, but not in the latest
> release. Try looking into the latest release docs, 1.0.1h -
> doc/crypto/RSA_generate_key.pod doesn't even mention
> RSA_generate_key_ex.

It's been deprecated before OpenSSL-0.9.8 release, see git history [1].

OpenSSL's documentation is terrible source of information and that's
not news - nginx itself is using a lot of undocumented functions,
especially in the OCSP stapling code.

> Sure, it can and likely will be helpful. In this particular case
> the replacement code seems to be too long though. For
> development needs, it will probably be enough to just return NULL
> if OPENSSL_NO_DEPRECATED is defined.

Sigh, I really don't think that the amount of code is really a problem
here... But if you're really unhappy with it, maybe let's just remove
the callback altogether? It's not like it's used with nginx's default
ciphers list and I'm not aware of anything since Windows NT 4.0 that
would require it.

[1] https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9d473aa2e4076beb959bc9701786a0860877ee12

Best regards,
Piotr Sikora

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 1 of 4] SSL: include correct OpenSSL headers	Piotr Sikora	662	July 06, 2014 07:52PM
[PATCH 2 of 4] SSL: return temporary RSA key only when the key length matches	Piotr Sikora	354	July 06, 2014 07:52PM
[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	393	July 06, 2014 07:52PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	372	July 06, 2014 09:14PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	336	July 06, 2014 10:18PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	638	July 07, 2014 09:06AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	350	July 07, 2014 06:04PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	522	July 07, 2014 07:34PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	290	July 08, 2014 06:24AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	446	July 08, 2014 09:52PM
[PATCH 4 of 4] SSL: stop accessing SSL_SESSION's fields directly	Piotr Sikora	418	July 06, 2014 07:52PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 156

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018