From: Doug MacEachern <dougm@apache.org>
Date: Wed, 27 Mar 2002 18:19:44 +0000 (+0000)
Subject: add modssl_dh_configure() function to fold some duplication in
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f8cb727c3dfe3e5e1a93ae918e7ee8fb1f5ec57;p=thirdparty%2Fapache%2Fhttpd.git

add modssl_dh_configure() function to fold some duplication in
get_dh{512,1024} and provide toolkit compat for sslc 2.x


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94225 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/ssl_engine_dh.c b/ssl_engine_dh.c
index 4eaae84c430..e6440839cdd 100644
--- a/ssl_engine_dh.c
+++ b/ssl_engine_dh.c
@@ -103,16 +103,10 @@ static unsigned char dh512_g[] =
 
 static DH *get_dh512(void)
 {
-    DH *dh;
-
-    if ((dh = DH_new()) == NULL)
-        return (NULL);
-    dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
-    dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
-    if ((dh->p == NULL) || (dh->g == NULL))
-        return (NULL);
-    return (dh);
+    return modssl_dh_configure(dh512_p, sizeof(dh512_p),
+                               dh512_g, sizeof(dh512_g));
 }
+
 static unsigned char dh1024_p[] =
 {
     0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
@@ -134,15 +128,8 @@ static unsigned char dh1024_g[] =
 
 static DH *get_dh1024(void)
 {
-    DH *dh;
-
-    if ((dh = DH_new()) == NULL)
-        return (NULL);
-    dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
-    dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
-    if ((dh->p == NULL) || (dh->g == NULL))
-        return (NULL);
-    return (dh);
+    return modssl_dh_configure(dh1024_p, sizeof(dh1024_p),
+                               dh1024_g, sizeof(dh1024_g));
 }
 /* ----END GENERATED SECTION---------- */
 
diff --git a/ssl_util_ssl.c b/ssl_util_ssl.c
index 750e3a2316f..c2a0ca23508 100644
--- a/ssl_util_ssl.c
+++ b/ssl_util_ssl.c
@@ -566,3 +566,31 @@ int modssl_session_get_time(SSL_SESSION *session)
     return CRYPTO_time_to_int(&ct);
 #endif
 }
+
+#ifndef SSLC_VERSION_NUMBER
+#define SSLC_VERSION_NUMBER 0x0000
+#endif
+
+DH *modssl_dh_configure(unsigned char *p, int plen,
+                        unsigned char *g, int glen)
+{
+    DH *dh;
+
+    if (!(dh = DH_new())) {
+        return NULL;
+    }
+
+#if defined(OPENSSL_VERSION_NUMBER) || (SSLC_VERSION_NUMBER < 0x2000)
+    dh->p = BN_bin2bn(p, plen, NULL);
+    dh->g = BN_bin2bn(g, glen, NULL);
+    if (!(dh->p && dh->g)) {
+        DH_free(dh);
+        return NULL;
+    }
+#else
+    R_EITEMS_add(dh->data, PK_TYPE_DH, PK_DH_P, 0, p, plen, R_EITEMS_PF_COPY);
+    R_EITEMS_add(dh->data, PK_TYPE_DH, PK_DH_G, 0, g, glen, R_EITEMS_PF_COPY);
+#endif
+
+    return dh;
+}
diff --git a/ssl_util_ssl.h b/ssl_util_ssl.h
index 6cf7fccb859..cb5208b7aee 100644
--- a/ssl_util_ssl.h
+++ b/ssl_util_ssl.h
@@ -106,4 +106,7 @@ BOOL        SSL_load_CrtAndKeyInfo_path(apr_pool_t *, STACK_OF(X509_INFO) *, cha
 int         SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, int (*)(char*,int,int,void*));
 char       *SSL_SESSION_id2sz(unsigned char *, int, char *, int);
 
+DH *modssl_dh_configure(unsigned char *p, int plen,
+                        unsigned char *g, int glen);
+
 #endif /* __SSL_UTIL_SSL_H__ */