
Commit 807bcf1

committed
Remove some outdated OpenSSL-related code.
1 parent 1a68380 commit 807bcf1


1 file changed

+20
-34
lines changed


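--- a/src/protocol/ssl.cc
+++ b/src/protocol/ssl.cc
@@ -37,9 +37,6 @@ static int ssl_port_index = 0;
 static pthread_mutex_t *lock_array;
 
 static int swoole_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
-#ifndef OPENSSL_NO_RSA
-static RSA *swoole_ssl_rsa_key_callback(SSL *ssl, int is_export, int key_length);
-#endif
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 static int swoole_ssl_set_default_dhparam(SSL_CTX *ssl_context);
 #endif
@@ -556,10 +553,6 @@ bool SSLContext::set_ciphers() {
 }
 }
 
-#ifndef OPENSSL_NO_RSA
-SSL_CTX_set_tmp_rsa_callback(context, swoole_ssl_rsa_key_callback);
-#endif
-
 if (!dhparam.empty() && !set_dhparam()) {
 return false;
 }
@@ -664,7 +657,6 @@ bool SSLContext::set_ecdh_curve() {
 }
 
 bool SSLContext::set_dhparam() {
-DH *dh;
 BIO *bio;
 
 const char *file = dhparam.c_str();
@@ -675,7 +667,24 @@ bool SSLContext::set_dhparam() {
 return false;
 }
 
-dh = PEM_read_bio_DHparams(bio, nullptr, nullptr, nullptr);
+#if OPENSSL_VERSION_MAJOR >= 3
+EVP_PKEY *pkey = PEM_read_bio_Parameters(bio, nullptr);
+if (pkey == nullptr) {
+swoole_warning("PEM_read_bio_Parameters('%s') failed", file);
+BIO_free(bio);
+return false;
+}
+
+if (SSL_CTX_set0_tmp_dh_pkey(context, pkey) != 1) {
+swoole_warning("SSL_CTX_set0_tmp_dh_pkey('%s') failed", file);
+EVP_PKEY_free(pkey);
+BIO_free(bio);
+return false;
+}
+
+EVP_PKEY_free(pkey);
+#else
+DH *dh = PEM_read_bio_DHparams(bio, nullptr, nullptr, nullptr);
 if (dh == nullptr) {
 swoole_warning("PEM_read_bio_DHparams(%s) failed", file);
 BIO_free(bio);
@@ -685,6 +694,8 @@ bool SSLContext::set_dhparam() {
 SSL_CTX_set_tmp_dh(context, dh);
 
 DH_free(dh);
+#endif
+
 BIO_free(bio);
 
 return true;
@@ -806,31 +817,6 @@ static int swoole_ssl_verify_cookie(SSL *ssl, const uchar *cookie, uint cookie_l
 }
 #endif
 
-#ifndef OPENSSL_NO_RSA
-static RSA *swoole_ssl_rsa_key_callback(SSL *ssl, int is_export, int key_length) {
-static RSA *rsa_tmp = nullptr;
-if (rsa_tmp) {
-return rsa_tmp;
-}
-
-BIGNUM *bn = BN_new();
-if (bn == nullptr) {
-swoole_warning("allocation error generating RSA key");
-return nullptr;
-}
-
-if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == nullptr) ||
-!RSA_generate_key_ex(rsa_tmp, key_length, bn, nullptr)) {
-if (rsa_tmp) {
-RSA_free(rsa_tmp);
-}
-rsa_tmp = nullptr;
-}
-BN_free(bn);
-return rsa_tmp;
-}
-#endif
-
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 static int swoole_ssl_set_default_dhparam(SSL_CTX *ssl_context) {
 DH *dh;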
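Review bot: In `SSLContext::set_dhparam()` (hunk `@@ -675,7 +667,24 @@`), the OpenSSL 3 branch calls `EVP_PKEY_free(pkey);` on the success path just before `#else`, but OpenSSL documents that `SSL_CTX_set0_tmp_dh_pkey()` takes ownership of the key when it returns 1. Freeing it there leaves the context holding a released key, which would likely surface as a use-after-free or double free once DHE parameters are used or the context is destroyed. Remove that success-path free and keep only the one in the failure branch, replacing it with a comment such as `// pkey is owned by context after a successful set0 call`. Separately, the pre-3.0 branch still ignores the result of `SSL_CTX_set_tmp_dh(context, dh)`, so a rejected parameter file is reported as success; consider `if (SSL_CTX_set_tmp_dh(context, dh) != 1)` with the same warning-and-cleanup pattern. The end of the function lies outside the visible hunks.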
