diff options
Diffstat (limited to 'modules/md')
-rw-r--r-- | modules/md/md_acme_order.c | 4 | ||||
-rw-r--r-- | modules/md/md_crypt.c | 47 | ||||
-rw-r--r-- | modules/md/md_version.h | 4 | ||||
-rw-r--r-- | modules/md/mod_md_status.c | 2 |
4 files changed, 38 insertions, 19 deletions
diff --git a/modules/md/md_acme_order.c b/modules/md/md_acme_order.c index 9e25e84..061093a 100644 --- a/modules/md/md_acme_order.c +++ b/modules/md/md_acme_order.c @@ -537,8 +537,8 @@ static apr_status_t check_challenges(void *baton, int attempt) } } else { - md_result_printf(ctx->result, rv, "authorization retrieval failed for domain %s", - authz->domain); + md_result_printf(ctx->result, rv, "authorization retrieval failed for %s on <%s>", + ctx->name, url); } } leave: diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c index f2b0cd5..4b2af89 100644 --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c @@ -32,6 +32,9 @@ #include <openssl/rand.h> #include <openssl/rsa.h> #include <openssl/x509v3.h> +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +#include <openssl/core_names.h> +#endif #include "md.h" #include "md_crypt.h" @@ -988,26 +991,42 @@ static const char *bn64(const BIGNUM *b, apr_pool_t *p) const char *md_pkey_get_rsa_e64(md_pkey_t *pkey, apr_pool_t *p) { - const BIGNUM *e; - RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey); - - if (!rsa) { - return NULL; +#if OPENSSL_VERSION_NUMBER < 0x30000000L + const RSA *rsa = EVP_PKEY_get0_RSA(pkey->pkey); + if (rsa) { + const BIGNUM *e; + RSA_get0_key(rsa, NULL, &e, NULL); + return bn64(e, p); } - RSA_get0_key(rsa, NULL, &e, NULL); - return bn64(e, p); +#else + BIGNUM *e = NULL; + if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_E, &e)) { + const char *e64 = bn64(e, p); + BN_free(e); + return e64; + } +#endif + return NULL; } const char *md_pkey_get_rsa_n64(md_pkey_t *pkey, apr_pool_t *p) { - const BIGNUM *n; - RSA *rsa = EVP_PKEY_get1_RSA(pkey->pkey); - - if (!rsa) { - return NULL; +#if OPENSSL_VERSION_NUMBER < 0x30000000L + const RSA *rsa = EVP_PKEY_get0_RSA(pkey->pkey); + if (rsa) { + const BIGNUM *n; + RSA_get0_key(rsa, &n, NULL, NULL); + return bn64(n, p); } - RSA_get0_key(rsa, &n, NULL, NULL); - return bn64(n, p); +#else + BIGNUM *n = NULL; + if (EVP_PKEY_get_bn_param(pkey->pkey, OSSL_PKEY_PARAM_RSA_N, &n)) { + const char *n64 = bn64(n, p); + BN_free(n); + return n64; + } +#endif + return NULL; } apr_status_t md_crypt_sign64(const char **psign64, md_pkey_t *pkey, apr_pool_t *p, diff --git a/modules/md/md_version.h b/modules/md/md_version.h index cf62f5e..86a1821 100644 --- a/modules/md/md_version.h +++ b/modules/md/md_version.h @@ -27,7 +27,7 @@ * @macro * Version number of the md module as c string */ -#define MOD_MD_VERSION "2.4.24" +#define MOD_MD_VERSION "2.4.25" /** * @macro @@ -35,7 +35,7 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define MOD_MD_VERSION_NUM 0x020418 +#define MOD_MD_VERSION_NUM 0x020419 #define MD_ACME_DEF_URL "https://acme-v02.api.letsencrypt.org/directory" #define MD_TAILSCALE_DEF_URL "file://localhost/var/run/tailscale/tailscaled.sock" diff --git a/modules/md/mod_md_status.c b/modules/md/mod_md_status.c index 2286051..6b29256 100644 --- a/modules/md/mod_md_status.c +++ b/modules/md/mod_md_status.c @@ -325,7 +325,7 @@ static void si_val_valid_time(status_ctx *ctx, md_json_t *mdj, const status_info apr_pstrcat(ctx->p, info->label, "From", NULL)); } if (until) { - print_date(ctx, from, + print_date(ctx, until, apr_pstrcat(ctx->p, info->label, "Until", NULL)); } } |