#include <openssl/rand.h>
#endif
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
+#include <time.h>
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
unsigned long e = RSA_F4;
FILE *fp;
- if (access(file_crpt_file_key, R_OK) == 0) {
+ if (access(keyfilename, R_OK) == 0) {
return;
}
// write the key file
fp = fopen(keyfilename, "w");
if (fp != NULL) {
- chmod(file_crpt_file_key, 0600);
+ chmod(keyfilename, 0600);
if (PEM_write_RSAPrivateKey(fp, /* the file */
rsa, /* the key */
NULL, /* no enc */
NULL /* no callbk */
) != 1) {
syslog(LOG_ERR, "crypto: cannot write key: %s", ERR_reason_error_string(ERR_get_error()));
- unlink(file_crpt_file_key);
+ unlink(keyfilename);
}
fclose(fp);
}
}
-
-
void init_ssl(void)
{
const SSL_METHOD *ssl_method;
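Review bot: The private key file is created by `fopen(keyfilename, "w")` with whatever mode the umask allows and is only narrowed by `chmod(keyfilename, 0600)` afterwards, so another local user can open it in that window, and a descriptor opened then stays usable after the chmod. The `access()` test is also a separate step from the create, so the path can change in between and `fopen` will follow a symlink or truncate an existing file. Creating the file atomically with the final mode closes both gaps: `int fd = open(keyfilename, O_WRONLY | O_CREAT | O_EXCL, 0600);` followed by `fp = (fd >= 0) ? fdopen(fd, "w") : NULL;`, which needs `<fcntl.h>`. The results of `chmod` and `fclose` are not checked either, so a failed permission change or a short write of the key goes unnoticed. The enclosing function begins above this hunk.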
if (req) {
if (cer = X509_new(), cer != NULL) {
-
ASN1_INTEGER_set(X509_get_serialNumber(cer), 0);
- X509_set_issuer_name(cer, req->req_info->subject);
- X509_set_subject_name(cer, req->req_info->subject);
+ X509_set_issuer_name(cer, X509_REQ_get_subject_name(req));
+ X509_set_subject_name(cer, X509_REQ_get_subject_name(req));
X509_gmtime_adj(X509_get_notBefore(cer),0);
X509_gmtime_adj(X509_get_notAfter(cer),(long)60*60*24*SIGN_DAYS);
req_pkey = X509_REQ_get_pubkey(req);
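Review bot: The two new `X509_set_issuer_name` / `X509_set_subject_name` calls ignore their return value, so a failed copy of the request's subject would leave a certificate with an empty issuer or subject that the code after this hunk presumably goes on to sign. Both return 1 on success; fetching the name once with `X509_NAME *subj = X509_REQ_get_subject_name(req);` and guarding with `if (X509_set_issuer_name(cer, subj) != 1 || X509_set_subject_name(cer, subj) != 1)` would cover it. Since this change moves to the OpenSSL 1.1 accessors, note that `X509_get_notBefore` / `X509_get_notAfter` on the next two lines are the deprecated spellings of `X509_getm_notBefore` / `X509_getm_notAfter`.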
CC->ssl = NULL;
return;
}
- BIO_set_close(CC->ssl->rbio, BIO_NOCLOSE);
+ // BIO_set_close(CC->ssl->rbio, BIO_NOCLOSE); not needed anymore in openssl 1.1 ?
bits = SSL_CIPHER_get_bits(SSL_get_current_cipher(CC->ssl), &alg_bits);
syslog(LOG_INFO, "crypto: SSL/TLS using %s on %s (%d of %d bits)",
SSL_CIPHER_get_name(SSL_get_current_cipher(CC->ssl)),
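Review bot: The commented-out `BIO_set_close` line leaves an open question ("not needed anymore in openssl 1.1 ?") in the source instead of an answer. If the socket is attached with `SSL_set_fd()`, which is not visible in this hunk, the socket BIO is already created with `BIO_NOCLOSE` and the line can be deleted outright, with a one-line comment saying why. If the BIO is set up some other way, dropping the call means freeing the SSL object may also close the client socket; the form that compiles against the opaque 1.1 structs is `BIO_set_close(SSL_get_rbio(CC->ssl), BIO_NOCLOSE);`.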