tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Don't use deprecated RSA_generate_key 

fixes #4635
This commit is contained in:
Jean Flach 2017-08-25 14:46:35 +02:00 committed by Elias Ohm
parent 81075088f1
commit 9a0d894f10
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
lib/base/tlsutility.cpp
View File

@ -336,7 +336,28 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile,
InitializeOpenSSL();
RSA *rsa = RSA_generate_key(4096, RSA_F4, nullptr, nullptr);
RSA *rsa = RSA_new();
BIGNUM *e = BN_new();
if (rsa == NULL || e == NULL) {
Log(LogCritical, "SSL")
<< "Error while creating RSA key: " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("RSA_generate_key")
<< errinfo_openssl_error(ERR_peek_error()));
}
BN_set_word(e, RSA_F4);
if (RSA_generate_key_ex(rsa, 4096, e, NULL) == NULL) {
Log(LogCritical, "SSL")
<< "Error while creating RSA key: " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("RSA_generate_key")
<< errinfo_openssl_error(ERR_peek_error()));
}
BN_free(e);
Log(LogInformation, "base")
<< "Writing private key to '" << keyfile << "'.";