author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-26 23:42:20 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-27 23:07:41 +0900 |
commit | 4846facb5f35ff04bd48eadbef0b366e4ffb6234 (patch) | |
tree | ea775e4ca5b9cb0d2aeb6f578be21f1b1bf6521e /ext/openssl/ossl_ssl.c | |
parent | cdfbc60516bee476192efff6ff0eebed18b6cb1d (diff) | |
ext/openssl: EVP_PKEY, DH, DSA, RSA, EC_KEY are made opaque
Use EVP_PKEY_get0_* instead of pkey->pkey.*
Use EVP_PKEY_base_id(pkey) instead of EVP_PKEY_type(pkey->type)
Because of this, we can no longer set the parameters/keys directly, and
the newly added alternative functions require setting all relevant
values at the same time. So this patch introduces an incompatibility: the
following code no longer works (if using 1.1.0):
dh = OpenSSL::PKey::DH.new(...)
dh.priv_key = OpenSSL::BN.new(...)
...and we have to write like:
dh = OpenSSL::PKey::DH.new(...)
priv = OpenSSL::BN.new(...)
pub = <calculate (dh.g ** priv) % dh.p>
dh.set_key(pub, priv)
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 3874543b2f..c66cea7d05 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -242,7 +242,7 @@ ossl_call_tmp_dh_callback(VALUE args)
 if (NIL_P(cb)) return Qfalse;
 dh = rb_apply(cb, rb_intern("call"), args);
 pkey = GetPKeyPtr(dh);
- if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DH) return Qfalse;
+ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) return Qfalse;
 return dh;
 }
@@ -260,7 +260,7 @@ ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
 if (!RTEST(dh)) return NULL;
 ossl_ssl_set_tmp_dh(rb_ssl, dh);
- return GetPKeyPtr(dh)->pkey.dh;
+ return EVP_PKEY_get0_DH(GetPKeyPtr(dh));
 }
 #endif /* OPENSSL_NO_DH */
@@ -276,7 +276,7 @@ ossl_call_tmp_ecdh_callback(VALUE args)
 if (NIL_P(cb)) return Qfalse;
 ecdh = rb_apply(cb, rb_intern("call"), args);
 pkey = GetPKeyPtr(ecdh);
- if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) return Qfalse;
+ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) return Qfalse;
 return ecdh;
 }
@@ -294,7 +294,7 @@ ossl_tmp_ecdh_callback(SSL *ssl, int is_export, int keylength)
 if (!RTEST(ecdh)) return NULL;
 ossl_ssl_set_tmp_ecdh(rb_ssl, ecdh);
- return GetPKeyPtr(ecdh)->pkey.ec;
+ return EVP_PKEY_get0_EC_KEY(GetPKeyPtr(ecdh));
 }
 #endif |
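Review bot: The key-type comparison in ossl_call_tmp_dh_callback is the only check applied to the object the Ruby callback returns; the visible lines accept DH parameters of any size, so a callback that hands back a short group is passed on to the handshake unchanged. If a floor is wanted at this layer, the opaque API still allows one, e.g. `if (EVP_PKEY_bits(pkey) < min_bits) return Qfalse;` before `return dh;`, where min_bits is a project-chosen constant that does not appear on this page. Otherwise a comment such as `/* only the key type is validated here; parameter strength is the callback's responsibility */` would make the contract explicit. The ECDH twin, ossl_call_tmp_ecdh_callback, has the same shape. Both functions begin above their hunks, so an earlier check may exist out of view.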
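Review bot: `EVP_PKEY_get0_DH` in ossl_tmp_dh_callback returns a borrowed pointer and takes no reference, so the DH handed back to OpenSSL stays valid only while the Ruby object `dh` is alive. That presumably relies on `ossl_ssl_set_tmp_dh(rb_ssl, dh)` keeping it referenced from the SSL object, and the dependency deserves a comment, e.g. `/* get0: borrowed from dh, which rb_ssl keeps referenced */`. The getter also yields NULL for a non-DH key, which is safe here only because the type was already checked in ossl_call_tmp_dh_callback. The same applies to `EVP_PKEY_get0_EC_KEY` in ossl_tmp_ecdh_callback. On OpenSSL older than 1.1.0 these typed getters need a compatibility definition, which would have to come from a file outside this diff.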