Use RSA_generate_key_ex where available.

svn:r17804
2024-11-24 04:13:28 +01:00 · 2008-12-29 02:20:57 +00:00 · 2008-12-29 02:20:57 +00:00 · b0a8ecd193
commit b0a8ecd193
parent 46f8ef8116
2 changed files with 28 additions and 0 deletions
--- a/2
+++ b/2
@ -4,6 +4,8 @@ Changes in version 0.2.1.10-alpha - 2009-01-??
      of which countries we've seen clients from recently. Now controllers
      like Vidalia can show bridge operators that they're actually making
      a difference.
+    - Build correctly against versions of OpenSSL 0.9.8 or later built
+      without support for deprecated functions.

  o Minor bugfixes (performance):
    - Squeeze 2-5% out of client performance (according to oprofile) by
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@ -406,7 +406,33 @@ crypto_pk_generate_key(crypto_pk_env_t *env)

  if (env->key)
    RSA_free(env->key);
+#if OPENSSL_VERSION_NUMBER < 0x00908000l
+  /* In openssl 0.9.7, RSA_generate_key is all we have. */
  env->key = RSA_generate_key(PK_BYTES*8,65537, NULL, NULL);
+#else
+  /* In openssl 0.9.8, RSA_generate_key is deprecated. */
+  {
+    BIGNUM *e = BN_new();
+    RSA *r = NULL;
+    if (!e)
+      goto done;
+    if (! BN_set_word(e, 65537))
+      goto done;
+    r = RSA_new();
+    if (!r)
+      goto done;
+    if (RSA_generate_key_ex(r, PK_BYTES*8, e, NULL) == -1)
+      goto done;
+
+    env->key = r;
+    r = NULL;
+  done:
+    if (e)
+      BN_free(e);
+    if (r)
+      RSA_free(r);
+    }
+#endif
  if (!env->key) {
    crypto_log_errors(LOG_WARN, "generating RSA key");
    return -1;