On 04/10/2016 12:19 PM, [email protected] wrote:
> Author: jfclere
> Date: Sun Apr 10 10:19:51 2016
> New Revision: 1738415
>
> URL: http://svn.apache.org/viewvc?rev=1738415&view=rev
> Log:
> print Server Temp Key information.
>
> Modified:
> httpd/httpd/trunk/support/ab.c
>
> Modified: httpd/httpd/trunk/support/ab.c
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1738415&r1=1738414&r2=1738415&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/support/ab.c (original)
> +++ httpd/httpd/trunk/support/ab.c Sun Apr 10 10:19:51 2016
> @@ -709,6 +710,39 @@ static void ssl_proceed_handshake(struct
> SSL_CIPHER_get_name(ci),
> pk_bits, sk_bits);
> }
> + if (ssl_tmp_key == NULL) {
> + EVP_PKEY *key;
> + if (SSL_get_server_tmp_key(c->ssl, &key)) {
> + ssl_tmp_key = xmalloc(128);
> + switch (EVP_PKEY_id(key)) {
> + case EVP_PKEY_RSA:
> + apr_snprintf(ssl_tmp_key, 128, "RSA %d bits",
> + EVP_PKEY_bits(key));
> + break;
> + case EVP_PKEY_DH:
> + apr_snprintf(ssl_tmp_key, 128, "DH %d bits",
> + EVP_PKEY_bits(key));
> + break;
> +#ifndef OPENSSL_NO_EC
> + case EVP_PKEY_EC: {
> + const char *cname;
> + EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
> + int nid =
> EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
> + EC_KEY_free(ec);
> + cname = EC_curve_nid2nist(nid);
This breaks compilation with openssl < 1.0.2 which does not have
EC_curve_nid2nist.
> + if (!cname)
> + cname = OBJ_nid2sn(nid);
> +
> + apr_snprintf(ssl_tmp_key, 128, "ECDH %s %d bits",
> + cname,
> + EVP_PKEY_bits(key));
> + break;
> + }
> +#endif
> + }
> + EVP_PKEY_free(key);
> + }
> + }
> write_request(c);
> do_next = 0;
> break;
Regards
RĂ¼diger
