33 lines
1.3 KiB
Diff
33 lines
1.3 KiB
Diff
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1976080
|
|
|
|
--- httpd-2.4.48/modules/ssl/ssl_engine_init.c.sslprivkey
|
|
+++ httpd-2.4.48/modules/ssl/ssl_engine_init.c
|
|
@@ -1307,6 +1307,16 @@
|
|
return 0;
|
|
}
|
|
|
|
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
|
+#define CHECK_PRIVKEY_ERROR(ec) (ERR_GET_FUNC(ec) != X509_F_X509_CHECK_PRIVATE_KEY))
|
|
+#else
|
|
+/* Check for the errors from X509_check_private_key() */
|
|
+#define CHECK_PRIVKEY_ERROR(ec) (ERR_GET_LIB != ERR_LIB_X509 \
|
|
+ || (ERR_GET_REASON(ec) != X509_R_KEY_TYPE_MISMATCH \
|
|
+ && ERR_GET_REASON(ec) != X509_R_KEY_VALUES_MISMATCH \
|
|
+ && ERR_GET_REASON(ec) != X509_R_UNKNOWN_KEY_TYPE))
|
|
+#endif
|
|
+
|
|
static apr_status_t ssl_init_server_certs(server_rec *s,
|
|
apr_pool_t *p,
|
|
apr_pool_t *ptemp,
|
|
@@ -1412,8 +1422,7 @@
|
|
}
|
|
else if ((SSL_CTX_use_PrivateKey_file(mctx->ssl_ctx, keyfile,
|
|
SSL_FILETYPE_PEM) < 1)
|
|
- && (ERR_GET_FUNC(ERR_peek_last_error())
|
|
- != X509_F_X509_CHECK_PRIVATE_KEY)) {
|
|
+ && CHECK_PRIVKEY_ERROR(ERR_peek_last_error())) {
|
|
ssl_asn1_t *asn1;
|
|
const unsigned char *ptr;
|
|
|