On OpenSSL 0.9.8 and newer, use RSA_generate_key_ex since

author Howard Chu <hyc@openldap.org>

Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)

committer Howard Chu <hyc@openldap.org>

Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)
author Howard Chu <hyc@openldap.org>
Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)
committer Howard Chu <hyc@openldap.org>
Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c

index f572d03f82abc7951ba47f12d077d75aa8b4004e..6707e291536038cd58f81ac6679876c63902f190 100644 (file)
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -1066,10 +1066,25 @@ static RSA *
  tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
  {
         RSA *tmp_rsa;
-
         /* FIXME:  Pregenerate the key on startup */
         /* FIXME:  Who frees the key? */
+#if OPENSSL_VERSION_NUMBER > 0x00908000
+       BIGNUM *bn = BN_new();
+       if ( bn ) {
+               if ( BN_set_word( bn, RSA_F4 )) {
+                       tmp_rsa = RSA_new();
+                       if ( tmp_rsa && !RSA_generate_key_ex( tmp_rsa, key_length, bn, NULL )) {
+                               RSA_free( tmp_rsa );
+                               tmp_rsa = NULL;
+                       }
+               }
+               BN_free( bn );
+       } else {
+               tmp_rsa = NULL;
+       }
+#else
         tmp_rsa = RSA_generate_key( key_length, RSA_F4, NULL, NULL );
+#endif
  
         if ( !tmp_rsa ) {
                 Debug( LDAP_DEBUG_ANY,
author	Howard Chu <hyc@openldap.org>
	Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)
committer	Howard Chu <hyc@openldap.org>
	Fri, 25 Sep 2009 23:31:24 +0000 (23:31 +0000)