From 9deb01664f68f189852fbe752d66632f2665120d Mon Sep 17 00:00:00 2001 From: Rainer Jung Date: Fri, 16 Mar 2018 09:22:51 +0000 Subject: ab: Disable printing temp key for OpenSSL before version 1.0.2. SSL_get_server_tmp_key is not available there. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1826930 13f79535-47bb-0310-9956-ffa450edef68 --- support/ab.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'support') diff --git a/support/ab.c b/support/ab.c index a7c4df8c6c..224bd69f99 100644 --- a/support/ab.c +++ b/support/ab.c @@ -353,7 +353,9 @@ int is_ssl; SSL_CTX *ssl_ctx; char *ssl_cipher = NULL; char *ssl_info = NULL; +#if OPENSSL_VERSION_NUMBER >= 0x10002000L char *ssl_tmp_key = NULL; +#endif BIO *bio_out,*bio_err; #ifdef HAVE_TLSEXT int tls_use_sni = 1; /* used by default, -I disables it */ @@ -733,6 +735,7 @@ static void ssl_proceed_handshake(struct connection *c) SSL_CIPHER_get_name(ci), pk_bits, sk_bits); } +#if OPENSSL_VERSION_NUMBER >= 0x10002000L if (ssl_tmp_key == NULL) { EVP_PKEY *key; if (SSL_get_server_tmp_key(c->ssl, &key)) { @@ -752,9 +755,7 @@ static void ssl_proceed_handshake(struct connection *c) EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); EC_KEY_free(ec); -#if OPENSSL_VERSION_NUMBER >= 0x10002000L cname = EC_curve_nid2nist(nid); -#endif if (!cname) cname = OBJ_nid2sn(nid); @@ -773,6 +774,7 @@ static void ssl_proceed_handshake(struct connection *c) EVP_PKEY_free(key); } } +#endif write_request(c); do_next = 0; break; @@ -936,9 +938,11 @@ static void output_results(int sig) if (is_ssl && ssl_info) { printf("SSL/TLS Protocol: %s\n", ssl_info); } +#if OPENSSL_VERSION_NUMBER >= 0x10002000L if (is_ssl && ssl_tmp_key) { printf("Server Temp Key: %s\n", ssl_tmp_key); } +#endif #ifdef HAVE_TLSEXT if (is_ssl && tls_sni) { printf("TLS Server Name: %s\n", tls_sni); -- cgit v1.2.1