From: Doug MacEachern Date: Thu, 28 Mar 2002 02:28:06 +0000 (+0000) Subject: copy DSA params to server server during key import X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d7e013e40938460844806e0d3c8edb98cecb8dea;p=thirdparty%2Fapache%2Fhttpd.git copy DSA params to server server during key import git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94257 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/ssl_engine_init.c b/ssl_engine_init.c index ad0a156c89c..e55a7cced39 100644 --- a/ssl_engine_init.c +++ b/ssl_engine_init.c @@ -729,6 +729,20 @@ static int ssl_server_import_key(server_rec *s, ssl_die(); } + /* + * XXX: wonder if this is still needed, this is old todo doc. + * (see http://www.psy.uq.edu.au/~ftp/Crypto/ssleay/TODO.html) + */ + if ((pkey_type == EVP_PKEY_DSA) && sc->pPublicCert[idx]) { + EVP_PKEY *pubkey = X509_get_pubkey(sc->pPublicCert[idx]); + + if (pubkey && EVP_PKEY_missing_parameters(pubkey)) { + EVP_PKEY_copy_parameters(pubkey, pkey); + ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR|SSL_INIT, + "Copying DSA parameters from private key to certificate"); + } + } + sc->pPrivateKey[idx] = pkey; return TRUE; @@ -804,7 +818,6 @@ void ssl_init_ConfigureServer(server_rec *s, { const char *rsa_id, *dsa_id; const char *vhost_id = sc->szVHostID; - EVP_PKEY *pkey; SSL_CTX *ctx; int i; int have_rsa, have_dsa; @@ -861,23 +874,6 @@ void ssl_init_ConfigureServer(server_rec *s, "Oops, no RSA or DSA server private key found?!"); ssl_die(); } - - /* - * Optionally copy DSA parameters for certificate from private key - * (see http://www.psy.uq.edu.au/~ftp/Crypto/ssleay/TODO.html) - */ - if (sc->pPublicCert[SSL_AIDX_DSA] && - sc->pPrivateKey[SSL_AIDX_DSA]) - { - pkey = X509_get_pubkey(sc->pPublicCert[SSL_AIDX_DSA]); - - if (pkey && (EVP_PKEY_key_type(pkey) == EVP_PKEY_DSA) && - EVP_PKEY_missing_parameters(pkey)) - { - EVP_PKEY_copy_parameters(pkey, - sc->pPrivateKey[SSL_AIDX_DSA]); - } - } } void ssl_init_CheckServers(server_rec *base_server, apr_pool_t *p)