You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2023/03/19 21:33:51 UTC
svn commit: r1908539 - /httpd/httpd/trunk/modules/md/md_crypt.c
Author: ylavic
Date: Sun Mar 19 21:33:51 2023
New Revision: 1908539
URL: http://svn.apache.org/viewvc?rev=1908539&view=rev
Log:
mod_md: Fix compat warnings with OpenSSL 3.0.
* md/md_crypt.c(md_pkey_get_rsa_e64, md_pkey_get_rsa_n64):
Replace deprecated RSA api with EVP_PKEY_get_bn_param on openssl >= 3.0.
Modified:
httpd/httpd/trunk/modules/md/md_crypt.c
Modified: httpd/httpd/trunk/modules/md/md_crypt.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_crypt.c?rev=1908539&r1=1908538&r2=1908539&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_crypt.c (original)
+++ httpd/httpd/trunk/modules/md/md_crypt.c Sun Mar 19 21:33:51 2023
@@ -32,6 +32,9 @@
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/x509v3.h>
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/core_names.h>
+#endif
#include "md.h"
#include "md_crypt.h"
@@ -988,26 +991,42 @@ static const char *bn64(const BIGNUM *b,
const char *md_pkey_get_rsa_e64(md_pkey_t *pkey, apr_pool_t *p)
{
- const BIGNUM *e;
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey);
-
- if (!rsa) {
- return NULL;
+ if (rsa) {
+ const BIGNUM *e;
+ RSA_get0_key(rsa, NULL, &e, NULL);
+ return bn64(e, p);
}
- RSA_get0_key(rsa, NULL, &e, NULL);
- return bn64(e, p);
+#else
+ BIGNUM *e = NULL;
+ if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_E, &e)) {
+ const char *e64 = bn64(e, p);
+ BN_free(e);
+ return e64;
+ }
+#endif
+ return NULL;
}
const char *md_pkey_get_rsa_n64(md_pkey_t *pkey, apr_pool_t *p)
{
- const BIGNUM *n;
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey);
-
- if (!rsa) {
- return NULL;
+ if (rsa) {
+ const BIGNUM *n;
+ RSA_get0_key(rsa, &n, NULL, NULL);
+ return bn64(n, p);
}
- RSA_get0_key(rsa, &n, NULL, NULL);
- return bn64(n, p);
+#else
+ BIGNUM *n = NULL;
+ if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_N, &n)) {
+ const char *n64 = bn64(n, p);
+ BN_free(n);
+ return n64;
+ }
+#endif
+ return NULL;
}
apr_status_t md_crypt_sign64(const char **psign64, md_pkey_t *pkey, apr_pool_t *p,