mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY
Fixes #2079 Closes #2081
This commit is contained in:
parent
a9f669896f
commit
d3ab7c5a21
@ -838,12 +838,18 @@ int cert_stuff(struct connectdata *conn,
|
||||
EVP_PKEY_free(pktmp);
|
||||
}
|
||||
|
||||
#if !defined(OPENSSL_NO_RSA) && defined(HAVE_OPAQUE_EVP_PKEY)
|
||||
#if !defined(OPENSSL_NO_RSA)
|
||||
{
|
||||
/* If RSA is used, don't check the private key if its flags indicate
|
||||
* it doesn't support it. */
|
||||
EVP_PKEY *priv_key = SSL_get_privatekey(ssl);
|
||||
if(EVP_PKEY_id(priv_key) == EVP_PKEY_RSA) {
|
||||
int pktype;
|
||||
#ifdef HAVE_OPAQUE_EVP_PKEY
|
||||
pktype = EVP_PKEY_id(priv_key);
|
||||
#else
|
||||
pktype = priv_key->type;
|
||||
#endif
|
||||
if(pktype == EVP_PKEY_RSA) {
|
||||
RSA *rsa = EVP_PKEY_get1_RSA(priv_key);
|
||||
if(RSA_flags(rsa) & RSA_METHOD_FLAG_NO_CHECK)
|
||||
check_privkey = FALSE;
|
||||
|
Loading…
Reference in New Issue
Block a user