summaryrefslogtreecommitdiffstats
path: root/support/ab.c
diff options
context:
space:
mode:
authorRainer Jung <rjung@apache.org>2018-03-16 10:22:51 +0100
committerRainer Jung <rjung@apache.org>2018-03-16 10:22:51 +0100
commit9deb01664f68f189852fbe752d66632f2665120d (patch)
treee6d1c9d50bca9d6dce3b311d0121a9f5bd85faab /support/ab.c
parentAxe more backported entries. (diff)
downloadapache2-9deb01664f68f189852fbe752d66632f2665120d.tar.xz
apache2-9deb01664f68f189852fbe752d66632f2665120d.zip
ab: Disable printing temp key for OpenSSL before
version 1.0.2. SSL_get_server_tmp_key is not available there. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1826930 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'support/ab.c')
-rw-r--r--support/ab.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/support/ab.c b/support/ab.c
index a7c4df8c6c..224bd69f99 100644
--- a/support/ab.c
+++ b/support/ab.c
@@ -353,7 +353,9 @@ int is_ssl;
SSL_CTX *ssl_ctx;
char *ssl_cipher = NULL;
char *ssl_info = NULL;
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
char *ssl_tmp_key = NULL;
+#endif
BIO *bio_out,*bio_err;
#ifdef HAVE_TLSEXT
int tls_use_sni = 1; /* used by default, -I disables it */
@@ -733,6 +735,7 @@ static void ssl_proceed_handshake(struct connection *c)
SSL_CIPHER_get_name(ci),
pk_bits, sk_bits);
}
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
if (ssl_tmp_key == NULL) {
EVP_PKEY *key;
if (SSL_get_server_tmp_key(c->ssl, &key)) {
@@ -752,9 +755,7 @@ static void ssl_proceed_handshake(struct connection *c)
EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
EC_KEY_free(ec);
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
cname = EC_curve_nid2nist(nid);
-#endif
if (!cname)
cname = OBJ_nid2sn(nid);
@@ -773,6 +774,7 @@ static void ssl_proceed_handshake(struct connection *c)
EVP_PKEY_free(key);
}
}
+#endif
write_request(c);
do_next = 0;
break;
@@ -936,9 +938,11 @@ static void output_results(int sig)
if (is_ssl && ssl_info) {
printf("SSL/TLS Protocol: %s\n", ssl_info);
}
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
if (is_ssl && ssl_tmp_key) {
printf("Server Temp Key: %s\n", ssl_tmp_key);
}
+#endif
#ifdef HAVE_TLSEXT
if (is_ssl && tls_sni) {
printf("TLS Server Name: %s\n", tls_sni);