[or-cvs] r17804: {tor} Use RSA_generate_key_ex where available. (in tor/trunk: . src/common)
nickm at seul.org
Mon Dec 29 02:20:57 UTC 2008
Author: nickm
Date: 2008-12-28 21:20:57 -0500 (Sun, 28 Dec 2008)
New Revision: 17804
Modified:
tor/trunk/ChangeLog
tor/trunk/src/common/crypto.c
Log:
Use RSA_generate_key_ex where available.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2008-12-29 01:47:33 UTC (rev 17803)
+++ tor/trunk/ChangeLog 2008-12-29 02:20:57 UTC (rev 17804)
@@ -4,6 +4,8 @@
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
a difference.
+ - Build correctly against versions of OpenSSL 0.9.8 or later built
+ without support for deprecated functions.
o Minor bugfixes (performance):
- Squeeze 2-5% out of client performance (according to oprofile) by
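Review bot: The new ChangeLog entry is appended to the end of the section whose last item is about controllers like Vidalia showing bridge operators their impact, directly above "o Minor bugfixes (performance):", so a build-compatibility fix ends up grouped with unrelated items. Consider placing it under a heading of its own for build or compilation fixes, and naming the affected call (RSA_generate_key) so that packagers building against an OpenSSL without deprecated functions can match the entry to the error they saw.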
Modified: tor/trunk/src/common/crypto.c
===================================================================
--- tor/trunk/src/common/crypto.c 2008-12-29 01:47:33 UTC (rev 17803)
+++ tor/trunk/src/common/crypto.c 2008-12-29 02:20:57 UTC (rev 17804)
@@ -406,7 +406,33 @@
if (env->key)
RSA_free(env->key);
+#if OPENSSL_VERSION_NUMBER < 0x00908000l
+ /* In openssl 0.9.7, RSA_generate_key is all we have. */
env->key = RSA_generate_key(PK_BYTES*8,65537, NULL, NULL);
+#else
+ /* In openssl 0.9.8, RSA_generate_key is deprecated. */
+ {
+ BIGNUM *e = BN_new();
+ RSA *r = NULL;
+ if (!e)
+ goto done;
+ if (! BN_set_word(e, 65537))
+ goto done;
+ r = RSA_new();
+ if (!r)
+ goto done;
+ if (RSA_generate_key_ex(r, PK_BYTES*8, e, NULL) == -1)
+ goto done;
+
+ env->key = r;
+ r = NULL;
+ done:
+ if (e)
+ BN_free(e);
+ if (r)
+ RSA_free(r);
+ }
+#endif
if (!env->key) {
crypto_log_errors(LOG_WARN, "generating RSA key");
return -1;
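Review bot: The failure test in the #else branch, `if (RSA_generate_key_ex(r, PK_BYTES*8, e, NULL) == -1)`, does not match the documented return values of RSA_generate_key_ex, which are 1 on success and 0 on error. A failed generation therefore falls through to `env->key = r` with an RSA object that holds no key, and the `if (!env->key)` check below does not fire. Testing `!= 1` instead would cover both 0 and any negative return. A second problem is in the same branch: every `goto done` taken before the assignment leaves env->key unchanged, and when it was non-NULL on entry it has just been passed to RSA_free, so it is left as a dangling pointer that also passes the NULL check. The 0.9.7 branch does not have this problem because the result of RSA_generate_key, NULL on failure, is assigned unconditionally. Setting `env->key = NULL;` immediately after the RSA_free, before the #if, would make all failure paths in the new branch reach the crypto_log_errors call and return -1.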