projects
/
citadel.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
5eac979
)
remove DH parameter stuff that isn't needed and doesn't work with newer openssl
author
Art Cancro
<ajc@citadel.org>
Thu, 26 Oct 2017 03:18:51 +0000
(23:18 -0400)
committer
Art Cancro
<ajc@citadel.org>
Thu, 26 Oct 2017 03:18:51 +0000
(23:18 -0400)
citadel/modules/crypto/serv_crypto.c
patch
|
blob
|
history
diff --git
a/citadel/modules/crypto/serv_crypto.c
b/citadel/modules/crypto/serv_crypto.c
index eea501d39207fe030b52815f32e2d5c083102099..6296e5dc30d907a6a5731ced30e0882cc071ff7b 100644
(file)
--- a/
citadel/modules/crypto/serv_crypto.c
+++ b/
citadel/modules/crypto/serv_crypto.c
@@
-74,7
+74,6
@@
void destruct_ssl(void)
void init_ssl(void)
{
const SSL_METHOD *ssl_method;
void init_ssl(void)
{
const SSL_METHOD *ssl_method;
- DH *dh;
RSA *rsa=NULL;
X509_REQ *req = NULL;
X509 *cer = NULL;
RSA *rsa=NULL;
X509_REQ *req = NULL;
X509 *cer = NULL;
@@
-136,8
+135,9
@@
void init_ssl(void)
CRYPTO_set_locking_callback(ssl_lock);
CRYPTO_set_id_callback(id_callback);
CRYPTO_set_locking_callback(ssl_lock);
CRYPTO_set_id_callback(id_callback);
+#if 0 // this doesn't work in newer openssl
/* Load DH parameters into the context */
/* Load DH parameters into the context */
- dh = DH_new();
+
DH *
dh = DH_new();
if (!dh) {
syslog(LOG_CRIT, "init_ssl() can't allocate a DH object: %s", ERR_reason_error_string(ERR_get_error()));
SSL_CTX_free(ssl_ctx);
if (!dh) {
syslog(LOG_CRIT, "init_ssl() can't allocate a DH object: %s", ERR_reason_error_string(ERR_get_error()));
SSL_CTX_free(ssl_ctx);
@@
-159,6
+159,7
@@
void init_ssl(void)
dh->length = DH_L;
SSL_CTX_set_tmp_dh(ssl_ctx, dh);
DH_free(dh);
dh->length = DH_L;
SSL_CTX_set_tmp_dh(ssl_ctx, dh);
DH_free(dh);
+#endif // this doesn't work in newer openssl
/* Get our certificates in order.
* First, create the key/cert directory if it's not there already...
/* Get our certificates in order.
* First, create the key/cert directory if it's not there already...