diff options
| author | Yann Ylavic <ylavic@apache.org> | 2023-03-19 22:33:51 +0100 |
|---|---|---|
| committer | Yann Ylavic <ylavic@apache.org> | 2023-03-19 22:33:51 +0100 |
| commit | 022842d4ca2bf80bc6e11c9aeaba1b14c28b953f (patch) | |
| tree | b6465536c5d24f599721cc0e6b46e643506b747a | |
| parent | mod_ssl: Fix deprecation warnings with openssl-3. (diff) | |
| download | apache2-022842d4ca2bf80bc6e11c9aeaba1b14c28b953f.tar.xz apache2-022842d4ca2bf80bc6e11c9aeaba1b14c28b953f.zip | |
mod_md: Fix compat warnings with OpenSSL 3.0.
* md/md_crypt.c(md_pkey_get_rsa_e64, md_pkey_get_rsa_n64):
Replace deprecated RSA api with EVP_PKEY_get_bn_param on openssl >= 3.0.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908539 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | modules/md/md_crypt.c | 43 |
1 files changed, 31 insertions, 12 deletions
diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c index f2b0cd5487..e0b1a2f75a 100644 --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c @@ -32,6 +32,9 @@ #include <openssl/rand.h> #include <openssl/rsa.h> #include <openssl/x509v3.h> +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +#include <openssl/core_names.h> +#endif #include "md.h" #include "md_crypt.h" @@ -988,26 +991,42 @@ static const char *bn64(const BIGNUM *b, apr_pool_t *p) const char *md_pkey_get_rsa_e64(md_pkey_t *pkey, apr_pool_t *p) { - const BIGNUM *e; +#if OPENSSL_VERSION_NUMBER < 0x30000000L RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey); - - if (!rsa) { - return NULL; + if (rsa) { + const BIGNUM *e; + RSA_get0_key(rsa, NULL, &e, NULL); + return bn64(e, p); } - RSA_get0_key(rsa, NULL, &e, NULL); - return bn64(e, p); +#else + BIGNUM *e = NULL; + if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_E, &e)) { + const char *e64 = bn64(e, p); + BN_free(e); + return e64; + } +#endif + return NULL; } const char *md_pkey_get_rsa_n64(md_pkey_t *pkey, apr_pool_t *p) { - const BIGNUM *n; +#if OPENSSL_VERSION_NUMBER < 0x30000000L RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey); - - if (!rsa) { - return NULL; + if (rsa) { + const BIGNUM *n; + RSA_get0_key(rsa, &n, NULL, NULL); + return bn64(n, p); } - RSA_get0_key(rsa, &n, NULL, NULL); - return bn64(n, p); +#else + BIGNUM *n = NULL; + if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_N, &n)) { + const char *n64 = bn64(n, p); + BN_free(n); + return n64; + } +#endif + return NULL; } apr_status_t md_crypt_sign64(const char **psign64, md_pkey_t *pkey, apr_pool_t *p, |