Skip to content

Commit 36e24dd

Browse files
markt-asfmarkt-asf
committed
Replace some deprecated code with OpenSSL 3.0+ equivalent
1 parent c06a4eb commit 36e24dd

3 files changed

Lines changed: 13 additions & 9 deletions

File tree

native/include/ssl_private.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -376,7 +376,7 @@ int SSL_password_callback(char *, int, int, void *);
376376
void SSL_BIO_close(BIO *);
377377
void SSL_BIO_doref(BIO *);
378378
DH *SSL_get_dh_params(unsigned keylen);
379-
DH *SSL_dh_GetParamFromFile(const char *);
379+
EVP_PKEY *SSL_dh_GetParamFromFile(const char *);
380380
#ifdef HAVE_ECC
381381
EC_GROUP *SSL_ec_GetParamFromFile(const char *);
382382
#endif

native/src/sslcontext.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -926,7 +926,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
926926
int nid;
927927
EC_KEY *eckey = NULL;
928928
#endif
929-
DH *dhparams;
929+
EVP_PKEY *evp;
930930

931931
UNREFERENCED(o);
932932
TCN_ASSERT(ctx != 0);
@@ -1001,9 +1001,9 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
10011001
*/
10021002
/* XXX Does this also work for pkcs12 or only for PEM files?
10031003
* If only for PEM files move above to the PEM handling */
1004-
if ((idx == 0) && (dhparams = SSL_dh_GetParamFromFile(cert_file))) {
1005-
SSL_CTX_set_tmp_dh(c->ctx, dhparams);
1006-
DH_free(dhparams);
1004+
if ((idx == 0) && (evp = SSL_dh_GetParamFromFile(cert_file))) {
1005+
SSL_CTX_set0_tmp_dh_pkey(c->ctx, evp);
1006+
EVP_PKEY_free(evp);
10071007
}
10081008

10091009
#ifdef HAVE_ECC

native/src/sslutils.c

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -181,16 +181,20 @@ int SSL_password_callback(char *buf, int bufsiz, int verify,
181181
** Custom (EC)DH parameter support
182182
** _________________________________________________________________
183183
*/
184-
DH *SSL_dh_GetParamFromFile(const char *file)
184+
EVP_PKEY *SSL_dh_GetParamFromFile(const char *file)
185185
{
186-
DH *dh = NULL;
186+
EVP_PKEY *evp = NULL;
187187
BIO *bio;
188188

189189
if ((bio = BIO_new_file(file, "r")) == NULL)
190190
return NULL;
191-
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
191+
evp = PEM_read_bio_Parameters_ex(bio, NULL, NULL, NULL);
192192
BIO_free(bio);
193-
return dh;
193+
if (!EVP_PKEY_is_a(evp, "DH")) {
194+
EVP_PKEY_free(evp);
195+
return NULL;
196+
}
197+
return evp;
194198
}
195199

196200
#ifdef HAVE_ECC

0 commit comments

Comments
 (0)