On Wed, 2016-11-02 at 17:03 -0300, Felipe Sateler wrote:
> On 10 September 2016 at 10:39, Tanu Kaskinen <tanuk at iki.fi> wrote:
> > +/* Openssl 1.1.0 broke compatibility. We could depend on openssl 1.1.0, but
> > + * it may take some time before distributions are able to upgrade to the new
> > + * openssl version. To insulate ourselves from such transition problems, let's
> > + * add a compatibility macro. */
> > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > +#define RSA_set0_key(r, n_, e_, d) (r->n = n_, r->e = e_, 1)
>
> While as noted this appears to do the right thing, why not make it a
> real function instead? This should make it nicer for debuggers too.
I'm not sure why I did it this way. My guess would be that the openssl
instructions provided examples that used macros, and so I made a macro.
Using a function might not have occurred to me at all, but now I agree,
a function would be nicer.
> > +#endif
> > +
> > struct pa_raop_client {
> > pa_core *core;
> > char *host;
> > @@ -161,12 +169,15 @@ static int rsa_encrypt(uint8_t *text, int len, uint8_t *res) {
> > uint8_t exponent[8];
> > int size;
> > RSA *rsa;
> > + BIGNUM *n_bn;
> > + BIGNUM *e_bn;
> >
> > rsa = RSA_new();
> > size = pa_base64_decode(n, modules);
> > - rsa->n = BN_bin2bn(modules, size, NULL);
> > + n_bn = BN_bin2bn(modules, size, NULL);
> > size = pa_base64_decode(e, exponent);
> > - rsa->e = BN_bin2bn(exponent, size, NULL);
> > + e_bn = BN_bin2bn(exponent, size, NULL);
> > + pa_assert(RSA_set0_key(rsa, n_bn, e_bn, NULL) == 1);
>
> Shouldn't this be pa_assert_se?
Oops! Yes, it should. Good catch!
I'll submit v2.
--
Tanu
