[Privoxy-commits] [privoxy] 01/03: OpenSSL generate_key(): Use EVP_RSA_gen() when using OpenSSL 3.0 or later
User Git
git at git.privoxy.org
Thu Jul 11 10:07:45 CEST 2024
This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository privoxy.
commit ec4392e4bb11651c2f8154c526cceddd0dae6646
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Wed Jul 10 19:39:03 2024 +0200
OpenSSL generate_key(): Use EVP_RSA_gen() when using OpenSSL 3.0 or later
Silences a bunch of deprecation warnings:
openssl.c:1523:10: warning: 'RSA_new' is deprecated [-Wdeprecated-declarations]
1523 | rsa = RSA_new();
| ^
/usr/local/include/openssl/rsa.h:201:1: note: 'RSA_new' has been explicitly marked deprecated here
201 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1540:10: warning: 'RSA_generate_key_ex' is deprecated [-Wdeprecated-declarations]
1540 | ret = RSA_generate_key_ex(rsa, RSA_KEYSIZE, exp, NULL);
| ^
/usr/local/include/openssl/rsa.h:260:1: note: 'RSA_generate_key_ex' has been explicitly marked deprecated here
260 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1549:9: warning: 'EVP_PKEY_set1_RSA' is deprecated [-Wdeprecated-declarations]
1549 | if (!EVP_PKEY_set1_RSA(key, rsa))
| ^
/usr/local/include/openssl/evp.h:1345:1: note: 'EVP_PKEY_set1_RSA' has been explicitly marked deprecated here
1345 | OSSL_DEPRECATEDIN_3_0
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
openssl.c:1592:7: warning: 'RSA_free' is deprecated [-Wdeprecated-declarations]
1592 | RSA_free(rsa);
| ^
/usr/local/include/openssl/rsa.h:293:1: note: 'RSA_free' has been explicitly marked deprecated here
293 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
| ^
/usr/local/include/openssl/macros.h:182:49: note: expanded from macro 'OSSL_DEPRECATEDIN_3_0'
182 | # define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
| ^
/usr/local/include/openssl/macros.h:62:52: note: expanded from macro 'OSSL_DEPRECATED'
62 | # define OSSL_DEPRECATED(since) __attribute__((deprecated))
| ^
---
openssl.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/openssl.c b/openssl.c
index 39f46531..97cfc2b0 100644
--- a/openssl.c
+++ b/openssl.c
@@ -1495,8 +1495,10 @@ static int generate_key(struct client_state *csp, char **key_buf)
{
int ret = 0;
char* key_file_path;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
BIGNUM *exp;
RSA *rsa;
+#endif
EVP_PKEY *key;
key_file_path = make_certs_path(csp->config->certificate_directory,
@@ -1515,6 +1517,7 @@ static int generate_key(struct client_state *csp, char **key_buf)
return 0;
}
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
exp = BN_new();
rsa = RSA_new();
key = EVP_PKEY_new();
@@ -1547,6 +1550,9 @@ static int generate_key(struct client_state *csp, char **key_buf)
ret = -1;
goto exit;
}
+#else
+ key = EVP_RSA_gen(RSA_KEYSIZE);
+#endif
/*
* Exporting private key into file
@@ -1563,6 +1569,7 @@ exit:
/*
* Freeing used variables
*/
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
if (exp)
{
BN_free(exp);
@@ -1571,6 +1578,7 @@ exit:
{
RSA_free(rsa);
}
+#endif
if (key)
{
EVP_PKEY_free(key);
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Privoxy-commits
mailing list