OpenSSL 0.9.8 does not support the pkey command

The `tls_sockets()` and `sslv2_sockets()` use `get_pub_key_size()` to extract the size of the server's public key if the full response is being processed, and `get_pub_key_size()` uses `$OPENSSL pkey` to extract the server's public key from the certificate. However, OpenSSL 0.9.8 does not support the "pkey" command. This PR changes `get_pub_key_size()` to suppress the error message displayed by OpenSSL when the "pkey" command is not supported.
This commit is contained in:
David Cooper 2016-11-15 11:32:30 -05:00 committed by GitHub
parent e8ce1fcb74
commit 8ad9e45acf
1 changed files with 4 additions and 2 deletions

View File

@ -5937,15 +5937,16 @@ get_pub_key_size() {
local tmppubkeyfile local tmppubkeyfile
# OpenSSL displays the number of bits for RSA and ECC # OpenSSL displays the number of bits for RSA and ECC
pubkeybits=$($OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -text | grep -aw "Public-Key:" | sed -e 's/.*(//' -e 's/)//') pubkeybits=$($OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -text 2> $ERRFILE | grep -aw "Public-Key:" | sed -e 's/.*(//' -e 's/)//')
if [[ -n $pubkeybits ]]; then if [[ -n $pubkeybits ]]; then
echo "Server public key is $pubkeybits" >> $TMPFILE echo "Server public key is $pubkeybits" >> $TMPFILE
else else
# This extracts the public key for DSA, DH, and GOST # This extracts the public key for DSA, DH, and GOST
tmppubkeyfile=$(mktemp $TEMPDIR/pubkey.XXXXXX) || return 7 tmppubkeyfile=$(mktemp $TEMPDIR/pubkey.XXXXXX) || return 7
$OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -outform DER -out "$tmppubkeyfile" $OPENSSL x509 -noout -pubkey -in $HOSTCERT | $OPENSSL pkey -pubin -outform DER -out "$tmppubkeyfile" 2> $ERRFILE
pubkey=$(hexdump -v -e '16/1 "%02X"' "$tmppubkeyfile") pubkey=$(hexdump -v -e '16/1 "%02X"' "$tmppubkeyfile")
rm $tmppubkeyfile rm $tmppubkeyfile
[[ -z "$pubkey" ]] && return 1
# Skip over tag and length of subjectPublicKeyInfo # Skip over tag and length of subjectPublicKeyInfo
i=2 i=2
len1="0x${pubkey:i:2}" len1="0x${pubkey:i:2}"
@ -6030,6 +6031,7 @@ get_pub_key_size() {
pubkeybits="$(printf "%d" $len)" pubkeybits="$(printf "%d" $len)"
echo "Server public key is $pubkeybits bit" >> $TMPFILE echo "Server public key is $pubkeybits bit" >> $TMPFILE
fi fi
return 0
} }
# arg1: name of file with socket reply # arg1: name of file with socket reply