[PATCH 3 of 4] SSL: stop using deprecated RSA_generate_key() function
Piotr Sikora
piotr at cloudflare.com
Sun Jul 6 23:50:50 UTC 2014
# HG changeset patch
# User Piotr Sikora <piotr at cloudflare.com>
# Date 1404690074 25200
# Sun Jul 06 16:41:14 2014 -0700
# Node ID e015093a00f2d8ebdbcdd8adcb16d87b291765f8
# Parent 2ca8a17cedfd35da799b258d5d17427d7bee62b2
SSL: stop using deprecated RSA_generate_key() function.
Fixes build with -DOPENSSL_NO_DEPRECATED.
Signed-off-by: Piotr Sikora <piotr at cloudflare.com>
diff -r 2ca8a17cedfd -r e015093a00f2 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Sun Jul 06 16:41:13 2014 -0700
+++ b/src/event/ngx_event_openssl.c Sun Jul 06 16:41:14 2014 -0700
@@ -650,6 +650,10 @@ RSA *
ngx_ssl_rsa512_key_callback(ngx_ssl_conn_t *ssl_conn, int is_export,
int key_length)
{
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+ RSA *rsa;
+ BIGNUM *e;
+#endif
static RSA *key;
if (key_length != 512) {
@@ -657,7 +661,42 @@ ngx_ssl_rsa512_key_callback(ngx_ssl_conn
}
if (key == NULL) {
+
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+
+ rsa = RSA_new();
+ if (rsa == NULL) {
+ return NULL;
+ }
+
+ e = BN_new();
+ if (e == NULL) {
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ if (BN_set_word(e, RSA_F4) == 0) {
+ BN_free(e);
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ if (RSA_generate_key_ex(rsa, 512, e, NULL) == 0) {
+ BN_free(e);
+ RSA_free(rsa);
+ return NULL;
+ }
+
+ BN_free(e);
+
+ key = rsa;
+
+#else
+
key = RSA_generate_key(512, RSA_F4, NULL, NULL);
+
+#endif
+
}
return key;
More information about the nginx-devel
mailing list