From e0431681ad3243a1b62f6165f50ea385e903ecdc Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Fri, 25 Sep 2009 23:31:24 +0000
Subject: [PATCH] On OpenSSL 0.9.8 and newer, use RSA_generate_key_ex since
 RSA_generate_key is deprecated

---
 libraries/libldap/tls_o.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index f572d03f82..6707e29153 100644
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -1066,10 +1066,25 @@ static RSA *
 tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
 {
 	RSA *tmp_rsa;
-
 	/* FIXME:  Pregenerate the key on startup */
 	/* FIXME:  Who frees the key? */
+#if OPENSSL_VERSION_NUMBER > 0x00908000
+	BIGNUM *bn = BN_new();
+	if ( bn ) {
+		if ( BN_set_word( bn, RSA_F4 )) {
+			tmp_rsa = RSA_new();
+			if ( tmp_rsa && !RSA_generate_key_ex( tmp_rsa, key_length, bn, NULL )) {
+				RSA_free( tmp_rsa );
+				tmp_rsa = NULL;
+			}
+		}
+		BN_free( bn );
+	} else {
+		tmp_rsa = NULL;
+	}
+#else
 	tmp_rsa = RSA_generate_key( key_length, RSA_F4, NULL, NULL );
+#endif
 
 	if ( !tmp_rsa ) {
 		Debug( LDAP_DEBUG_ANY,
-- 
2.39.5