httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <rpl...@apache.org>
Subject Re: svn commit: r1738415 - /httpd/httpd/trunk/support/ab.c
Date Mon, 25 Apr 2016 13:44:40 GMT


On 04/10/2016 12:19 PM, jfclere@apache.org wrote:
> Author: jfclere
> Date: Sun Apr 10 10:19:51 2016
> New Revision: 1738415
> 
> URL: http://svn.apache.org/viewvc?rev=1738415&view=rev
> Log:
> print Server Temp Key information.
> 
> Modified:
>     httpd/httpd/trunk/support/ab.c
> 
> Modified: httpd/httpd/trunk/support/ab.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1738415&r1=1738414&r2=1738415&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/support/ab.c (original)
> +++ httpd/httpd/trunk/support/ab.c Sun Apr 10 10:19:51 2016

> @@ -709,6 +710,39 @@ static void ssl_proceed_handshake(struct
>                               SSL_CIPHER_get_name(ci),
>                               pk_bits, sk_bits);
>              }
> +            if (ssl_tmp_key == NULL) {
> +                EVP_PKEY *key;
> +                if (SSL_get_server_tmp_key(c->ssl, &key)) {
> +                    ssl_tmp_key = xmalloc(128);
> +                    switch (EVP_PKEY_id(key)) {
> +                    case EVP_PKEY_RSA:
> +                        apr_snprintf(ssl_tmp_key, 128, "RSA %d bits",
> +                                     EVP_PKEY_bits(key));
> +                        break;
> +                    case EVP_PKEY_DH:
> +                        apr_snprintf(ssl_tmp_key, 128, "DH %d bits",
> +                                     EVP_PKEY_bits(key));
> +                        break;
> +#ifndef OPENSSL_NO_EC
> +                    case EVP_PKEY_EC: {
> +                        const char *cname;
> +                        EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
> +                        int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
> +                        EC_KEY_free(ec);
> +                        cname = EC_curve_nid2nist(nid);

This breaks compilation with openssl < 1.0.2 which does not have
EC_curve_nid2nist.


> +                        if (!cname)
> +                            cname = OBJ_nid2sn(nid);
> +
> +                        apr_snprintf(ssl_tmp_key, 128, "ECDH %s %d bits",
> +                                     cname,
> +                                     EVP_PKEY_bits(key));
> +                        break;
> +                        }
> +#endif
> +                    }
> +                    EVP_PKEY_free(key);
> +                }
> +            }
>              write_request(c);
>              do_next = 0;
>              break;

Regards

RĂ¼diger


Mime
View raw message