OpenSSL 0.9.8 does not support the pkey command
The `tls_sockets()` and `sslv2_sockets()` use `get_pub_key_size()` to extract the size of the server's public key if the full response is being processed, and `get_pub_key_size()` uses `$OPENSSL pkey` to extract the server's public key from the certificate. However, OpenSSL 0.9.8 does not support the "pkey" command. This PR changes `get_pub_key_size()` to suppress the error message displayed by OpenSSL when the "pkey" command is not supported.
This commit is contained in:
parent
e8ce1fcb74
commit
8ad9e45acf
|
@ -5937,15 +5937,16 @@ get_pub_key_size() {
|
||||||
local tmppubkeyfile
|
local tmppubkeyfile
|
||||||
|
|
||||||
# OpenSSL displays the number of bits for RSA and ECC
|
# OpenSSL displays the number of bits for RSA and ECC
|
||||||
pubkeybits=$($OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -text | grep -aw "Public-Key:" | sed -e 's/.*(//' -e 's/)//')
|
pubkeybits=$($OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -text 2> $ERRFILE | grep -aw "Public-Key:" | sed -e 's/.*(//' -e 's/)//')
|
||||||
if [[ -n $pubkeybits ]]; then
|
if [[ -n $pubkeybits ]]; then
|
||||||
echo "Server public key is $pubkeybits" >> $TMPFILE
|
echo "Server public key is $pubkeybits" >> $TMPFILE
|
||||||
else
|
else
|
||||||
# This extracts the public key for DSA, DH, and GOST
|
# This extracts the public key for DSA, DH, and GOST
|
||||||
tmppubkeyfile=$(mktemp $TEMPDIR/pubkey.XXXXXX) || return 7
|
tmppubkeyfile=$(mktemp $TEMPDIR/pubkey.XXXXXX) || return 7
|
||||||
$OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -outform DER -out "$tmppubkeyfile"
|
$OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -outform DER -out "$tmppubkeyfile" 2> $ERRFILE
|
||||||
pubkey=$(hexdump -v -e '16/1 "%02X"' "$tmppubkeyfile")
|
pubkey=$(hexdump -v -e '16/1 "%02X"' "$tmppubkeyfile")
|
||||||
rm $tmppubkeyfile
|
rm $tmppubkeyfile
|
||||||
|
[[ -z "$pubkey" ]] && return 1
|
||||||
# Skip over tag and length of subjectPublicKeyInfo
|
# Skip over tag and length of subjectPublicKeyInfo
|
||||||
i=2
|
i=2
|
||||||
len1="0x${pubkey:i:2}"
|
len1="0x${pubkey:i:2}"
|
||||||
|
@ -6030,6 +6031,7 @@ get_pub_key_size() {
|
||||||
pubkeybits="$(printf "%d" $len)"
|
pubkeybits="$(printf "%d" $len)"
|
||||||
echo "Server public key is $pubkeybits bit" >> $TMPFILE
|
echo "Server public key is $pubkeybits bit" >> $TMPFILE
|
||||||
fi
|
fi
|
||||||
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
# arg1: name of file with socket reply
|
# arg1: name of file with socket reply
|
||||||
|
|
Loading…
Reference in New Issue