[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r17804: {tor} Use RSA_generate_key_ex where available.  (in tor/trunk: . src/common)
Author: nickm
Date: 2008-12-28 21:20:57 -0500 (Sun, 28 Dec 2008)
New Revision: 17804
Modified:
   tor/trunk/ChangeLog
   tor/trunk/src/common/crypto.c
Log:
Use RSA_generate_key_ex where available.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-12-29 01:47:33 UTC (rev 17803)
+++ tor/trunk/ChangeLog	2008-12-29 02:20:57 UTC (rev 17804)
@@ -4,6 +4,8 @@
       of which countries we've seen clients from recently. Now controllers
       like Vidalia can show bridge operators that they're actually making
       a difference.
+    - Build correctly against versions of OpenSSL 0.9.8 or later built
+      without support for deprecated functions.
 
   o Minor bugfixes (performance):
     - Squeeze 2-5% out of client performance (according to oprofile) by
Modified: tor/trunk/src/common/crypto.c
===================================================================
--- tor/trunk/src/common/crypto.c	2008-12-29 01:47:33 UTC (rev 17803)
+++ tor/trunk/src/common/crypto.c	2008-12-29 02:20:57 UTC (rev 17804)
@@ -406,7 +406,33 @@
 
   if (env->key)
     RSA_free(env->key);
+#if OPENSSL_VERSION_NUMBER < 0x00908000l
+  /* In openssl 0.9.7, RSA_generate_key is all we have. */
   env->key = RSA_generate_key(PK_BYTES*8,65537, NULL, NULL);
+#else
+  /* In openssl 0.9.8, RSA_generate_key is deprecated. */
+  {
+    BIGNUM *e = BN_new();
+    RSA *r = NULL;
+    if (!e)
+      goto done;
+    if (! BN_set_word(e, 65537))
+      goto done;
+    r = RSA_new();
+    if (!r)
+      goto done;
+    if (RSA_generate_key_ex(r, PK_BYTES*8, e, NULL) == -1)
+      goto done;
+
+    env->key = r;
+    r = NULL;
+  done:
+    if (e)
+      BN_free(e);
+    if (r)
+      RSA_free(r);
+    }
+#endif
   if (!env->key) {
     crypto_log_errors(LOG_WARN, "generating RSA key");
     return -1;