[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 200/205: openssl: don't try to print nonexistant pe
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 200/205: openssl: don't try to print nonexistant peer private keys |
Date: |
Thu, 20 Apr 2017 16:22:20 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.0
in repository gnurl.
commit 997504ea50887c80a0f90b88bb1778aad75f7ee9
Author: David Benjamin <address@hidden>
AuthorDate: Mon Apr 17 10:20:26 2017 -0400
openssl: don't try to print nonexistant peer private keys
X.509 certificates carry public keys, not private keys. Fields
corresponding to the private half of the key will always be NULL.
Closes #1425
---
lib/vtls/openssl.c | 32 +++-----------------------------
1 file changed, 3 insertions(+), 29 deletions(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 3650c99c9..ee0761576 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2628,38 +2628,18 @@ static CURLcode get_cert_chain(struct connectdata *conn,
{
const BIGNUM *n;
const BIGNUM *e;
- const BIGNUM *d;
- const BIGNUM *p;
- const BIGNUM *q;
- const BIGNUM *dmp1;
- const BIGNUM *dmq1;
- const BIGNUM *iqmp;
- RSA_get0_key(rsa, &n, &e, &d);
- RSA_get0_factors(rsa, &p, &q);
- RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+ RSA_get0_key(rsa, &n, &e, NULL);
BN_print(mem, n);
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
- print_pubkey_BN(rsa, d, i);
- print_pubkey_BN(rsa, p, i);
- print_pubkey_BN(rsa, q, i);
- print_pubkey_BN(rsa, dmp1, i);
- print_pubkey_BN(rsa, dmq1, i);
- print_pubkey_BN(rsa, iqmp, i);
}
#else
BIO_printf(mem, "%d", BN_num_bits(rsa->n));
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);
- print_pubkey_BN(rsa, d, i);
- print_pubkey_BN(rsa, p, i);
- print_pubkey_BN(rsa, q, i);
- print_pubkey_BN(rsa, dmp1, i);
- print_pubkey_BN(rsa, dmq1, i);
- print_pubkey_BN(rsa, iqmp, i);
#endif
break;
@@ -2678,23 +2658,20 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *g;
- const BIGNUM *priv_key;
const BIGNUM *pub_key;
DSA_get0_pqg(dsa, &p, &q, &g);
- DSA_get0_key(dsa, &pub_key, &priv_key);
+ DSA_get0_key(dsa, &pub_key, NULL);
print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
- print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
}
#else
print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i);
- print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i);
#endif
#endif /* !OPENSSL_NO_DSA */
@@ -2713,20 +2690,17 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *g;
- const BIGNUM *priv_key;
const BIGNUM *pub_key;
DH_get0_pqg(dh, &p, &q, &g);
- DH_get0_key(dh, &pub_key, &priv_key);
+ DH_get0_key(dh, &pub_key, NULL);
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, q, i);
print_pubkey_BN(dh, g, i);
- print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
}
#else
print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, g, i);
- print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i);
#endif
break;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 139/205: docs/index.html: removed, was not shipped anyway, (continued)
- [GNUnet-SVN] [gnurl] 139/205: docs/index.html: removed, was not shipped anyway, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 173/205: BUGS: "Bugs in old versions", gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 158/205: tests: added test for Curl_splaygetbest to unit1309, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 146/205: tests/server/util: remove in6addr_any for recent MinGW, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 165/205: nss: fix build after e60fe20fdf94e829ba5fce33f7a9d6c281149f7d, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 187/205: tests/server/util: prefer <poll.h> over <sys/poll.h>, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 153/205: RELEASE-NOTES: synced with 4f2e348f9b42c69c480, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 190/205: mbedtls: fix memory leak in error path, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 189/205: curl-compilers.m4: turn implicit function declarations into errors, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 172/205: system.h: add section for tcc, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 200/205: openssl: don't try to print nonexistant peer private keys,
gnunet <=
- [GNUnet-SVN] [gnurl] 188/205: test1541: also test for CURL_PULL_WS2TCPIP_H, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 205/205: Patchset for gnURL microfork: * Patches to rename libcurl to libgnurl by Christian * Updated for latest curl using git cherry-pick by Jeff, Florian, ng0 * Patches to fix the testsuite (deleted tests/data/test1139, renamed reference from libcurl.* to libgnurl.*) by ng0 * Added guix-gnurl.scm which can be used to build this with guix prior to installing it. (author: ng0), gnunet, 2017/04/20