~vcs-imports-ii/znc/master

Viewing changes to Utils.cpp

Committer: imaginos
Date: 2005-10-09 06:57:29 UTC
Revision ID: git-v1:0955474bec315f2772e33a8380f62b9e83c23ff5

rewrite GenerateCert to work with browsers, some code reorganization with a different approach

git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@545 726aef4b-f618-498e-8847-2d620e286838

files modified:
Utils.cpp

Show diffs side-by-side

added added

removed removed

Utils.cpp

#ifdef HAVE_LIBSSL

void CUtils::GenerateCert(FILE *pOut, bool bEncPrivKey) {

RSA *pRSA = RSA_generate_key(1024, 17, NULL, NULL);

PEM_write_RSAPrivateKey(pOut, pRSA, (bEncPrivKey ? EVP_des_ede3_cbc() : NULL), NULL, 0, NULL, NULL);

X509_REQ *pReq = X509_REQ_new();

EVP_PKEY *pKey = EVP_PKEY_new();

X509_NAME *pName = X509_NAME_new();

EVP_PKEY_assign(pKey, EVP_PKEY_RSA, (char *)pRSA);

X509_REQ_set_pubkey(pReq, pKey);

char *pLogName = getenv("LOGNAME");

char *pHostName = getenv("HOSTNAME");

if (!pLogName) {

pLogName = "Unknown";

}

if (!pHostName) {

pHostName = "unknown.com";

}

CString sEmailAddr = pLogName;

sEmailAddr += "@";

sEmailAddr += pHostName;

X509_NAME_add_entry_by_txt(pName, "C", MBSTRING_ASC, (unsigned char *)"SomeCountry", -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "ST", MBSTRING_ASC, (unsigned char *)"SomeState", -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "L", MBSTRING_ASC, (unsigned char *)"SomeCity", -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "O", MBSTRING_ASC, (unsigned char *)"SomeCompany", -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "OU", MBSTRING_ASC, (unsigned char *)pLogName, -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "CN", MBSTRING_ASC, (unsigned char *)pHostName, -1, -1, 0);

X509_NAME_add_entry_by_txt(pName, "emailAddress", MBSTRING_ASC, (unsigned char *)sEmailAddr.c_str(), -1, -1, 0);

X509_REQ_set_subject_name(pReq, pName);

X509_REQ_sign(pReq, pKey, EVP_md5());

X509 *pX509 = X509_REQ_to_X509(pReq, 365, pKey);

if (pX509) {

PEM_write_X509(pOut, pX509);

X509_free(pX509);

}

X509_REQ_free(pReq);

EVP_PKEY_free(pKey);

EVP_PKEY *pKey = NULL;

X509 *pCert = NULL;

X509_NAME *pName = NULL;

int serial = 0, days = 365;

RSA *pRSA = RSA_generate_key(1024, 0x10001, NULL, NULL);

if( ( pKey = EVP_PKEY_new() ) ) {

if ( !EVP_PKEY_assign_RSA( pKey, pRSA ) ) {

EVP_PKEY_free( pKey );

return;

}

PEM_write_RSAPrivateKey( pOut, pRSA, (bEncPrivKey ? EVP_des_ede3_cbc() : NULL), NULL, 0, NULL, NULL);

if( !( pCert = X509_new() ) ) {

EVP_PKEY_free( pKey );

return;

}

X509_set_version( pCert, 2 );

ASN1_INTEGER_set( X509_get_serialNumber( pCert ), serial );

X509_gmtime_adj( X509_get_notBefore( pCert ), 0 );

X509_gmtime_adj( X509_get_notAfter( pCert ), (long)60*60*24*days );

X509_set_pubkey( pCert, pKey );

pName = X509_get_subject_name( pCert );

char *pLogName = getenv("LOGNAME");

char *pHostName = getenv("HOSTNAME");

if (!pLogName) {

pLogName = "Unknown";

}

if (!pHostName) {

pHostName = "unknown.com";

}

CString sEmailAddr = pLogName;

sEmailAddr += "@";

sEmailAddr += pHostName;

X509_NAME_add_entry_by_txt( pName, "C", MBSTRING_ASC, (unsigned char *)"US", -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "ST", MBSTRING_ASC, (unsigned char *)"SomeState", -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "L", MBSTRING_ASC, (unsigned char *)"SomeCity", -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "O", MBSTRING_ASC, (unsigned char *)"SomeCompany", -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "OU", MBSTRING_ASC, (unsigned char *)pLogName, -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "CN", MBSTRING_ASC, (unsigned char *)pHostName, -1, -1, 0);

X509_NAME_add_entry_by_txt( pName, "emailAddress", MBSTRING_ASC, (unsigned char *)sEmailAddr.c_str(), -1, -1, 0);

X509_set_subject_name( pCert, pName );

if ( !X509_sign( pCert, pKey, EVP_md5() ) ) {

X509_free( pCert );

EVP_PKEY_free( pKey );

100

return;

101

}

102

103

PEM_write_X509( pOut, pCert );

104

X509_free( pCert );

105

EVP_PKEY_free( pKey );

106

}

107

};

108

#endif /* HAVE_LIBSSL */

109

Older »