Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 67172 invoked from network); 17 Oct 2010 16:31:10 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 17 Oct 2010 16:31:10 -0000 Received: (qmail 31509 invoked by uid 500); 17 Oct 2010 16:31:10 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 31455 invoked by uid 500); 17 Oct 2010 16:31:10 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 31448 invoked by uid 99); 17 Oct 2010 16:31:10 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 17 Oct 2010 16:31:10 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 17 Oct 2010 16:31:09 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 873B123888FD; Sun, 17 Oct 2010 16:30:13 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1023521 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_init.c ssl_toolkit_compat.h Date: Sun, 17 Oct 2010 16:30:13 -0000 To: cvs@httpd.apache.org From: drh@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101017163013.873B123888FD@eris.apache.org> Author: drh Date: Sun Oct 17 16:30:13 2010 New Revision: 1023521 URL: http://svn.apache.org/viewvc?rev=1023521&view=rev Log: Avoid use of deprecated RSA_generate_key() function. Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1023521&r1=1023520&r2=1023521&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original) +++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Sun Oct 17 16:30:13 2010 @@ -90,7 +90,25 @@ static int ssl_tmp_key_init_rsa(server_r } #endif - +#ifdef HAVE_GENERATE_EX + { + RSA *tkey; + BIGNUM *bn_f4; + if (!(tkey == RSA_new()) + || !(bn_f4 == BN_new()) + || !BN_set_word(bn_f4, RSA_F4) + || !RSA_generate_key_ex(tkey, bits, bn_f4, NULL)) + { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, + "Init: Failed to generate temporary " + "%d bit RSA private key", bits); + ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s); + return !OK; + } + BN_free(bn_f4); + mc->pTmpKeys[idx] = tkey; + } +#else if (!(mc->pTmpKeys[idx] = RSA_generate_key(bits, RSA_F4, NULL, NULL))) { @@ -100,6 +118,7 @@ static int ssl_tmp_key_init_rsa(server_r ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s); return !OK; } +#endif return OK; } Modified: httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h?rev=1023521&r1=1023520&r2=1023521&view=diff ============================================================================== --- httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h (original) +++ httpd/httpd/trunk/modules/ssl/ssl_toolkit_compat.h Sun Oct 17 16:30:13 2010 @@ -48,6 +48,10 @@ #include #endif +#if (OPENSSL_VERSION_NUMBER >= 0x00908000) +#define HAVE_GENERATE_EX +#endif + /* ECC support came along in OpenSSL 1.0.0 */ #if (OPENSSL_VERSION_NUMBER < 0x10000000) #define OPENSSL_NO_EC