make sure this works with latest openssl

2019-10-28 09:58:58 +01:00 · 2019-10-28 09:58:58 +01:00 · 58678ff0ad
parent 1a9197ffeb
commit 58678ff0ad
1 changed files with 16 additions and 5 deletions
--- a/src/keymgr.c
+++ b/src/keymgr.c
@ -142,7 +142,7 @@ struct acme_order {
 	char			*domain;
 };

-static char	*keymgr_bignum_base64(BIGNUM *);
+static char	*keymgr_bignum_base64(const BIGNUM *);

 static void	keymgr_acme_init(void);
 static void	keymgr_acme_sign(struct kore_msg *, const void *);
@ -678,9 +678,11 @@ keymgr_ecdsa_sign(struct kore_msg *msg, const void *data, struct key *key)
 static void
 keymgr_acme_init(void)
 {
+	RSA		*rsa;
 	struct key	*key;
 	char		*e, *n;
 	int		needsreg;
+	const BIGNUM	*be, *bn;

 	if (acme_provider == NULL)
 		return;
@ -703,9 +705,18 @@ keymgr_acme_init(void)
 		kore_log(LOG_INFO, "loaded existing ACME account key");
 	}

-	/* XXX - OpenSSL 1.1.x probably denies us doing this. */
-	e = keymgr_bignum_base64(key->pkey->pkey.rsa->e);
-	n = keymgr_bignum_base64(key->pkey->pkey.rsa->n);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	rsa = EVP_PKEY_get0_RSA(key->pkey);
+	be = RSA_get0_e(rsa);
+	bn = RSA_get0_n(rsa);
+#else
+	rsa = key->pkey->pkey.rsa;
+	be = rsa->e;
+	bn = rsa->n;
+#endif
+
+	e = keymgr_bignum_base64(be);
+	n = keymgr_bignum_base64(bn);

 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_E, e, strlen(e));
 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_N, n, strlen(n));
@ -970,7 +981,7 @@ keymgr_x509_ext(X509 *x509, int extnid, const char *fmt, ...)
 }

 static char *
-keymgr_bignum_base64(BIGNUM *bn)
+keymgr_bignum_base64(const BIGNUM *bn)
 {
 	int		len;
 	void		*buf;