
openssl: builds with OpenSSL 1.1.0-pre5

The RSA, DSA and DH structs are now opaque and require use of new APIs

Fixes #763
bagder committed Apr 21, 2016
1 parent 99980cf commit cfe16c22d7891a1f65ea8cd4c5352504a2afbddc
Showing with 72 additions and 1 deletion.
  1. +72 −1 lib/vtls/openssl.c
@@ -114,6 +114,7 @@
#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
#define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
#endif

#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
@@ -2231,12 +2232,18 @@ static void pubkey_show(struct SessionHandle *data,
push_certinfo(namebuf, num);
}

#ifdef HAVE_OPAQUE_RSA_DSA_DH
#define print_pubkey_BN(_type, _name, _num) \
pubkey_show(data, mem, _num, #_type, #_name, _name)

#else
#define print_pubkey_BN(_type, _name, _num) \
do { \
if(_type->_name) { \
pubkey_show(data, mem, _num, #_type, #_name, _type->_name); \
} \
} WHILE_FALSE
#endif

static int X509V3_ext(struct SessionHandle *data,
int certnum,
@@ -2396,9 +2403,35 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#else
rsa = pubkey->pkey.rsa;
#endif

#ifdef HAVE_OPAQUE_RSA_DSA_DH
{
BIGNUM *n;
BIGNUM *e;
BIGNUM *d;
BIGNUM *p;
BIGNUM *q;
BIGNUM *dmp1;
BIGNUM *dmq1;
BIGNUM *iqmp;

RSA_get0_key(rsa, &n, &e, &d);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
BN_print(mem, n);
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
print_pubkey_BN(rsa, d, i);
print_pubkey_BN(rsa, p, i);
print_pubkey_BN(rsa, q, i);
print_pubkey_BN(rsa, dmp1, i);
print_pubkey_BN(rsa, dmq1, i);
print_pubkey_BN(rsa, iqmp, i);
}
#else
BIO_printf(mem, "%d", BN_num_bits(rsa->n));
push_certinfo("RSA Public Key", i);

print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
print_pubkey_BN(rsa, d, i);
@@ -2407,6 +2440,8 @@ static CURLcode get_cert_chain(struct connectdata *conn,
print_pubkey_BN(rsa, dmp1, i);
print_pubkey_BN(rsa, dmq1, i);
print_pubkey_BN(rsa, iqmp, i);
#endif

break;
}
case EVP_PKEY_DSA:
@@ -2417,11 +2452,30 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#else
dsa = pubkey->pkey.dsa;
#endif
#ifdef HAVE_OPAQUE_RSA_DSA_DH
{
BIGNUM *p;
BIGNUM *q;
BIGNUM *g;
BIGNUM *priv_key;
BIGNUM *pub_key;

DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub_key, &priv_key);

print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
}
#else
print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
#endif
break;
}
case EVP_PKEY_DH:
@@ -2432,10 +2486,27 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#else
dh = pubkey->pkey.dh;
#endif
#ifdef HAVE_OPAQUE_RSA_DSA_DH
{
BIGNUM *p;
BIGNUM *q;
BIGNUM *g;
BIGNUM *priv_key;
BIGNUM *pub_key;
DH_get0_pqg(dh, &p, &q, &g);
DH_get0_key(dh, &pub_key, &priv_key);
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, q, i);
print_pubkey_BN(dh, g, i);
print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
}
#else
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, g, i);
print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
#endif
break;
}
#if 0
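Review bot: The `HAVE_OPAQUE_RSA_DSA_DH` variant of `print_pubkey_BN` drops the `if(_type->_name)` guard that the legacy variant keeps, so in `get_cert_chain` the private components (`d`, `p`, `q`, `dmp1`, `dmq1`, `iqmp`, `priv_key`), which are presumably NULL for a key taken from a peer certificate, are passed to `pubkey_show` unconditionally. Most of `pubkey_show` lies outside the hunk, so unless it checks `bn` itself this risks a NULL dereference while processing certificate data the peer controls; keeping the guard in the macro, `do { if(_name) pubkey_show(data, mem, _num, #_type, #_name, _name); } WHILE_FALSE`, makes both builds behave alike. The opaque RSA branch also writes `BN_print(mem, n);` before `push_certinfo("RSA Public Key", i)` where the legacy branch writes the bit count, so the same certinfo field would hold the modulus in hex when built against 1.1.0; `BIO_printf(mem, "%d", BN_num_bits(n));` keeps the output consistent. The opaque DH branch additionally prints `q`, which the legacy branch does not.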
