author | Omar Polo <op@omarpolo.com> | 2021-02-10 14:25:39 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2021-02-10 14:25:39 +0000 |
commit | 4283d65fc11cfc822258a3969260d2dce0638ad4 (patch) | |
tree | a9bde7e67b9e208a890d30bc3b6e027422976d9b /utils.c | |
parent | f6b9a079e378d2891906510206419fd28f3ff890 (diff) |
don't allocate BIGNUM on the stack
on fedora 33 the BIGNUM type is opaque. Allocate always to avoid headaches.
Diffstat (limited to 'utils.c')
-rw-r--r-- | utils.c | 14 |
1 files changed, 9 insertions, 5 deletions
@@ -17,6 +17,7 @@
 #include <errno.h>
 #include <string.h>
+#include <openssl/bn.h>
 #include <openssl/pem.h>
 #include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
@@ -116,7 +117,7 @@ xstrdup(const char *s)
 void
 gen_certificate(const char *host, const char *certpath, const char *keypath)
 {
- BIGNUM e;
+ BIGNUM *e;
 EVP_PKEY *pkey;
 RSA *rsa;
 X509 *x509;
@@ -132,11 +133,13 @@ gen_certificate(const char *host, const char *certpath, const char *keypath)
 fatal("couldn't create a new private key");
 if ((rsa = RSA_new()) == NULL)
- fatal("could'nt generate rsa");
+ fatal("couldn't generate rsa");
- BN_init(&e);
- BN_set_word(&e, 17);
- if (!RSA_generate_key_ex(rsa, 4096, &e, NULL))
+ if ((e = BN_new()) == NULL)
+ fatal("couldn't allocate a bignum");
+
+ BN_set_word(e, 17);
+ if (!RSA_generate_key_ex(rsa, 4096, e, NULL))
 fatal("couldn't generate a rsa key");
 if (!EVP_PKEY_assign_RSA(pkey, rsa))
@@ -174,6 +177,7 @@ gen_certificate(const char *host, const char *certpath, const char *keypath)
 fatal("couldn't write cert");
 fclose(f);
+ BN_free(e);
 X509_free(x509);
 RSA_free(rsa);
 }
|
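Review bot: In the -132,11 +133,13 hunk the result of `BN_set_word(e, 17)` is ignored, while every other OpenSSL call around it is checked. If it fails, `e` keeps the zero value it got from `BN_new()` and the problem is reported, at best, by the generic "couldn't generate a rsa key" message. I would write `if (!BN_set_word(e, 17)) fatal("couldn't set the rsa exponent");`. Separately, consider `RSA_F4` (65537) in place of 17: it is the conventional public exponent and the smallest one FIPS 186-4 permits, so builds that enforce that range would otherwise refuse to generate the key. The body of gen_certificate starts and ends outside this hunk.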
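Review bot: In the -174,6 +177,7 hunk the cleanup sequence that gains `BN_free(e)` still ends with `RSA_free(rsa)`, although the earlier `EVP_PKEY_assign_RSA(pkey, rsa)` transfers ownership of `rsa` to `pkey`. Freeing `rsa` directly leaves `pkey` holding a dangling pointer to the private key. No `EVP_PKEY_free(pkey)` is visible in the hunks shown, and the lines between them are not shown, so today this may only leak `pkey`. It would become a double free as soon as `pkey` is released. Replacing `RSA_free(rsa);` with `EVP_PKEY_free(pkey);` releases both objects exactly once.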