提交 eb77ebe2 编写于 作者: G Geoff Thorpe

Update tunala so it builds ok with OPENSSL_NO_DEPRECATED, and improve the

autoungunk.sh logic (autobits have grown since I last tried this...).
上级 f5e2354c
...@@ -15,4 +15,5 @@ fi ...@@ -15,4 +15,5 @@ fi
rm -f aclocal.m4 config.* configure install-sh \ rm -f aclocal.m4 config.* configure install-sh \
missing mkinstalldirs stamp-h.* Makefile.in \ missing mkinstalldirs stamp-h.* Makefile.in \
ltconfig ltmain.sh ltconfig ltmain.sh depcomp
rm -rf autom4te.cache
...@@ -134,8 +134,27 @@ RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength) ...@@ -134,8 +134,27 @@ RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength)
/* TODO: Perhaps make it so our global key can be generated on-the-fly /* TODO: Perhaps make it so our global key can be generated on-the-fly
* after certain intervals? */ * after certain intervals? */
static RSA *rsa_tmp = NULL; static RSA *rsa_tmp = NULL;
if(!rsa_tmp) BIGNUM *bn = NULL;
rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL, NULL); int ok = 1;
if(!rsa_tmp) {
ok = 0;
if(!(bn = BN_new()))
goto end;
if(!BN_set_word(bn, RSA_F4))
goto end;
if(!(rsa_tmp = RSA_new()))
goto end;
if(!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
goto end;
ok = 1;
}
end:
if(bn)
BN_free(bn);
if(!ok) {
RSA_free(rsa_tmp);
rsa_tmp = NULL;
}
return rsa_tmp; return rsa_tmp;
} }
......
...@@ -697,9 +697,11 @@ static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file, const char *dh_special) ...@@ -697,9 +697,11 @@ static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file, const char *dh_special)
abort(); abort();
fprintf(stderr, "Info, generating DH parameters ... "); fprintf(stderr, "Info, generating DH parameters ... ");
fflush(stderr); fflush(stderr);
if((dh = DH_generate_parameters(512, DH_GENERATOR_5, if(!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
NULL, NULL)) == NULL) { DH_GENERATOR_5, NULL)) {
fprintf(stderr, "error!\n"); fprintf(stderr, "error!\n");
if(dh)
DH_free(dh);
return 0; return 0;
} }
fprintf(stderr, "complete\n"); fprintf(stderr, "complete\n");
...@@ -733,7 +735,7 @@ static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id, ...@@ -733,7 +735,7 @@ static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
unsigned int verify_depth) unsigned int verify_depth)
{ {
SSL_CTX *ctx = NULL, *ret = NULL; SSL_CTX *ctx = NULL, *ret = NULL;
SSL_METHOD *meth; const SSL_METHOD *meth;
ENGINE *e = NULL; ENGINE *e = NULL;
OpenSSL_add_ssl_algorithms(); OpenSSL_add_ssl_algorithms();
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册