On 03-01-18 03:22, Selva Nair wrote:
> This is with openssl 1.0.1 and that could be the problem -- it may not
> have EVP_PKEY_get0_RSA() in which case the compatibility interface in
> use is probably not smart enough...
Exactly this is the case I think. The following should solve the issue:
--- a/src/openvpn/openssl_compat.h
+++ b/src/openvpn/openssl_compat.h
@@ -240,7 +240,7 @@ X509_OBJECT_get_type(const X509_OBJECT *obj)
static inline RSA *
EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
{
- return pkey ? pkey->pkey.rsa : NULL;
+ return (pkey && pkey->type == EVP_PKEY_RSA) ? pkey->pkey.rsa : NULL;
}
#endif
(No time to properly test and send a patch now, will look into it more
later if nobody else does.)
-Steffan
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
