Welcome! Log In Create A New Profile

Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function

Forum List Message List New Topic Print View

Maxim Dounin

July 08, 2014 09:52PM

Hello!

On Tue, Jul 08, 2014 at 03:22:21AM -0700, Piotr Sikora wrote:

> Hey Maxim,
>
> > I don't think it's time to remove it, but as I previously said, I
> > will be fine with something like this:
> >
> > diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> > --- a/src/event/ngx_event_openssl.c
> > +++ b/src/event/ngx_event_openssl.c
> > @@ -652,12 +652,16 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn
> > {
> > static RSA *key;
> >
> > +#ifndef OPENSSL_NO_DEPRECATED
> > +
> > if (key_length == 512) {
> > if (key == NULL) {
> > key = RSA_generate_key(512, RSA_F4, NULL, NULL);
> > }
> > }
> >
> > +#endif
> > +
> > return key;
> > }
> >
> >
> > This won't change anything for normal builds, but will allow test
> > builds with OPENSSL_NO_DEPRECATED defined.
>
> I'd prefer to see the RSA_generate_key_ex() being used (even though
> it's more complex interface), but I don't care enough to fight over
> this, so I guess your patch is "good enough", however I'd like to see
> my patch #2 applied first (i.e. if key_length != 512 return NULL), so
> that only RSA_generate_key() is being guarded.

Committed with other patches of this series, thanks.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 1 of 4] SSL: include correct OpenSSL headers	Piotr Sikora	654	July 06, 2014 07:52PM
[PATCH 2 of 4] SSL: return temporary RSA key only when the key length matches	Piotr Sikora	350	July 06, 2014 07:52PM
[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	388	July 06, 2014 07:52PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	369	July 06, 2014 09:14PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	332	July 06, 2014 10:18PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	634	July 07, 2014 09:06AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	345	July 07, 2014 06:04PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	519	July 07, 2014 07:34PM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Piotr Sikora	286	July 08, 2014 06:24AM
Re: [PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function	Maxim Dounin	441	July 08, 2014 09:52PM
[PATCH 4 of 4] SSL: stop accessing SSL_SESSION's fields directly	Piotr Sikora	413	July 06, 2014 07:52PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 295

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018