Anyone? Otherwise I would just revert on Monday. Regards
RĂ¼diger On 04/25/2016 03:44 PM, Ruediger Pluem wrote: > > > On 04/10/2016 12:19 PM, [email protected] wrote: >> Author: jfclere >> Date: Sun Apr 10 10:19:51 2016 >> New Revision: 1738415 >> >> URL: http://svn.apache.org/viewvc?rev=1738415&view=rev >> Log: >> print Server Temp Key information. >> >> Modified: >> httpd/httpd/trunk/support/ab.c >> >> Modified: httpd/httpd/trunk/support/ab.c >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1738415&r1=1738414&r2=1738415&view=diff >> ============================================================================== >> --- httpd/httpd/trunk/support/ab.c (original) >> +++ httpd/httpd/trunk/support/ab.c Sun Apr 10 10:19:51 2016 > >> @@ -709,6 +710,39 @@ static void ssl_proceed_handshake(struct >> SSL_CIPHER_get_name(ci), >> pk_bits, sk_bits); >> } >> + if (ssl_tmp_key == NULL) { >> + EVP_PKEY *key; >> + if (SSL_get_server_tmp_key(c->ssl, &key)) { >> + ssl_tmp_key = xmalloc(128); >> + switch (EVP_PKEY_id(key)) { >> + case EVP_PKEY_RSA: >> + apr_snprintf(ssl_tmp_key, 128, "RSA %d bits", >> + EVP_PKEY_bits(key)); >> + break; >> + case EVP_PKEY_DH: >> + apr_snprintf(ssl_tmp_key, 128, "DH %d bits", >> + EVP_PKEY_bits(key)); >> + break; >> +#ifndef OPENSSL_NO_EC >> + case EVP_PKEY_EC: { >> + const char *cname; >> + EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); >> + int nid = >> EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); >> + EC_KEY_free(ec); >> + cname = EC_curve_nid2nist(nid); > > This breaks compilation with openssl < 1.0.2 which does not have > EC_curve_nid2nist. > > >> + if (!cname) >> + cname = OBJ_nid2sn(nid); >> + >> + apr_snprintf(ssl_tmp_key, 128, "ECDH %s %d bits", >> + cname, >> + EVP_PKEY_bits(key)); >> + break; >> + } >> +#endif >> + } >> + EVP_PKEY_free(key); >> + } >> + } >> write_request(c); >> do_next = 0; >> break; > > Regards > > RĂ¼diger > >
